A panel charged with assessing Maryland's vulnerability to cyberattacks recommended Friday that the state create a team of emergency personnel charged with defending its networks against hackers.
The General Assembly created the Maryland Cybersecurity Council last year and asked for regular reports with ideas for how to better protect the state's computers and other critical infrastructure connected to the internet.
Maryland Attorney General Brian E. Frosh, chairman of the council, said planning for a major cyberattack that could shut down the electrical grid or interfere with the financial system is now as important as preparing for natural disasters.
"If we had reservists on hand who were trained to combat this specific type of threat, we could minimize the damage, notify the public quicker, and protect valuable information and assets," Frosh said.
In a report published Friday, the council of legislators, government officials, technology company leaders and university professors suggested that the reserve force could fall under the Maryland Emergency Management Agency.
The Maryland National Guard already has cybersecurity troops who also could be put to use by the governor during a crisis.
The council put forth several other ideas it says could improve the state's response to attacks and encourage cybersecurity companies to do business in Maryland.
One idea is to allow companies that are hacked to sue their attacker in court. The council members concluded that could provide businesses an option when there are insufficient resources for police and prosecutors to pursue a case. However, reliably identifying hackers — many of whom are based overseas — is notoriously difficult.
The council also proposed expanding the kinds of data protected under the state's personal information protection law and planning for ways to coordinate responses to attacks with other states in the Mid-Atlantic region.