• Florida’s Department of Management Services (DMS) is requesting $57 million in the next state budget for cybersecurity services. 
• The agency is seeking $35 million for local government cybersecurity grants to assist municipalities in complying with cybersecurity standards and improving communication with state agencies.
• Another $15 million is being requested to implement new Cybersecurity Operations Center solutions for agencies, increase monitoring and response capabilities following a security breach, and continue implementation of cybersecurity responsibilities outlined in state statute.

Florida Department of Management Services (DMS) Secretary Pedro Allende told the House State Administration & Technology Appropriations Subcommittee on Tuesday that the agency is seeking $57 million in the next state budget for cybersecurity services.

DMS is seeking $35 million in local government cybersecurity grants — a $5 million increase from the agency’s 2021 allocation — to assist local governments in their compliance with cybersecurity standards within deadlines required by law. In recent years, ransomware attacks against municipalities, government agencies, and utilities presented as an elevating concern within Florida institutions, serving as a potential threat to state security.

The grants are offered to local governments across the state to help establish cybersecurity foundations and facilitate lines of communication with state departments and intelligence officers.

“Many of [the counties and municipalities] lack the funds and staffing to set up security for themselves and share threat intelligence,” said Allende.

The agency is further requesting $15 million in additional funding to implement new Cybersecurity Operations Center solutions for enterprise agencies, increase monitoring and response capabilities following a security breach, and continue implementation of cybersecurity responsibilities outlined in state statute.

“Following the governor’s call to modernize technology in state government, the Florida Legislature created the Florida Digital Service,” said Allende. “DMS is requesting a $15 million increase to enhance existing solutions and fine-tune our tools. This is the central point for receiving information on threats and vulnerabilities, sharing intelligence with agencies, and coordinating instance responses.”

Another $6 million is sought after to “stay ahead of evolving threats” by developing a function within the Florida Digital Service to conduct research, testing, and evaluating in-use technologies across the state. A fourth budget request of $1 million is being made to procure Federated Data Management Advisory Services.

“That would largely be driven by the demands of what is deployed across the state or looking to be deployed across the state,” Allende told the subcommittee.

In July, Attorney General Ashley Moody announced the launch of a Cyber Fraud Enforcement Unit to address illicit online activities. During a press conference, Moody stated that more than 42,000 Floridians lost upwards of $844 million to cybercrime last year, prompting the need for a dedicated team to investigate and potentially stop such crimes. The unit will consist of criminal and civil attorneys from the Florida Attorney General’s Office, who will work alongside the Florida Department of Law Enforcement (FDLE) and its analysts to identify cybercrimes that might be overlooked by federal authorities.

Cybersecurity breaches have also plagued Florida’s healthcare facilities in recent months. Tampa General Hospital (TGH), one of Florida’s largest hospitals, announced that it suffered from a cybersecurity breach between May 12 and May 30, disclosing that an unauthorized third party accessed TGH’s network and obtained patient information.

Elsewhere, HCA Healthcare, which has 46 hospitals in Florida, disclosed in July that approximately 11 million individuals nationwide may have had their personal information compromised by an identified data leak. Similarly, the U.S. Department of Health and Human Services launched an investigation into a suspected ransomware attack against Tallahassee Memorial Healthcare in April that reportedly compromised the personal data of more than 20,000 individuals.