In the wake of a cyberattack that paralyzed state systems and took some services offline for a month, Nevada will spend more than $300,000 on two projects to boost the state’s cybersecurity.

The first project, which will cost $150,000, is to create a shared technical threat analysis platform that improves threat analysis and detection. The Office of Cyber Defense Coordination plans to expand the platform within the governor's office and to rural partners, which will allow all systems to be up to date and have the same advanced security measures. 

The second project, which will cost $163,700, is meant to build upon the work that UNLV has already begun to establish a statewide security operations center, specifically for cybersecurity.

The funding was approved by the Legislature’s Interim Finance Committee on Thursday after more than 30 minutes of tense debate between lawmakers on the committee and three state officials: Tim Galluzi, chief information officer for the state and executive director of the governor's technology office; Adam Miller, administrator for the Office of Cyber Defense Coordination; and Darla Dodge, senior deputy chief information officer for the Office of the Chief Information Officer.

Sen. Rochelle Nguyen (D-Las Vegas) asked Galluzi for a timeline for how and when the approved funds will be spent, and whether there is a larger strategic plan for dealing with cyberattacks.

“It seems like this is something that can’t and maybe shouldn't wait until 2027 or even the governor's recommended budget due dates in the fall of 2026,” Nguyen said.

Galluzi did not have a direct answer but shared that his team is working on some of the “emergent” needs of the state’s cybersecurity systems.

Miller shared that over the summer the IFC had previously approved $500,000 for staff support that the office used to bring in a consultant to do a top-down review of security policies including incident response, governance and training. He added that the state is working with UNLV on a feasibility study about a statewide security operation center, in addition to the projects proposed to the IFC.

“That is going to build a pathway to not only strengthen the security operations center for the executive branch, but allow us to reach out to our state and local partners, to bring them into the fold and kind of build out that holistic security platform,” Miller said.

Sen. Robin Titus (R-Wellington) and Assm. Tracy Brown-May (D-Las Vegas) also voiced concerns about how little the public actually knows about what the attacker had access to.

Brown-May asked Galluzi a litany of questions she said came from her constituents, including when the attack started, how long attackers were in the state’s systems before they were discovered, whether the state paid a ransom, what departments were affected and how much the attack cost the state. 

“There are a number of questions that I know a lot of people in my sphere have, and I don't feel like we have those answers,” Brown-May said in the meeting.

Galluzi, Miller and Dodge said they were unable to answer as the investigation into the cyberattack is ongoing.

Galluzi said that the state is working with a vendor to create a "holistic after-action” report that he said he hopes to make available to the public and other states as a learning opportunity. He did not provide any details about the report’s progress or when it is expected to be finished.

“A lot of state governments have had similar events happen within their departments, within their elected officials’ offices,” Galluzi said. “But at this level of an event, they're all worried about it, and they want to know exactly how we were able to react so quickly and so well, so they can learn from it and how to prevent an attack like this from happening to them.”

Titus said several legislators have received questions from constituents about whether their personal data had been taken and express how they were harmed in the attack.

“I just want to point out that the impact of my constituents who tried to go to the DMV to register a car couldn't, the local sporting goods gun dealers who tried to stay in business by selling various firearms couldn't because they couldn't do background checks, folks couldn't get employment because they couldn't get a background check — the impact is far greater than anything the state will pay,” Titus said. 

Galluzi responded by noting how hard his staff worked for the people of Nevada and that they saw on social media how upset people were that the system was down, preventing many of them from being employed — adding that he was sorry if he sounded defensive.

“They worked 18 to 20-plus hour days for weeks. They didn't take days off, they didn't take vacation, they gave up holidays. They gave up everything just to get Nevada back to work, just to get all of those things back online for Nevada,” Galluzi said. “It wasn't required of them, they volunteered it, and that was out of a sacred sense of duty.”