·
2 minute read
Summary
On August 24, 2025, a threat actor deleted Nevada’s backup volumes, deployed ransomware, and encrypted virtual machines across 60+ agencies.
It started three months earlier — a single state employee downloaded a tool from a spoofed website on May 14. A hidden backdoor sat quietly in Nevada’s systems for 72 days before anyone knew.
Then came the gut punch Timothy Galluzi describes in this episode: it’s ransomware.
Nevada refused to pay. 28 days later, they recovered 90% of the impacted data — $1.3 million in recovery costs, while Jaguar needed a $1.5 billion government bailout to survive a similar attack the same week.
Timothy Galluzzi, CIO, State of Nevada and Mark Hellbusch, Director, Security Consulting, Info-Tech Research Group break down exactly how it happened — and what every state, county, and local government CIO needs to hear before it’s their turn.
Featuring
- Timothy Galluzi, State CIO, State of Nevada
- Mark Hellbusch, Director, Cybersecurity & Privacy Services, Info-Tech Research Group
Timestamps
-
(00:00) Every 39 seconds - ransomware by the numbers
-
(01:00) The call Tim never wanted to get
-
(05:50) 18-20 hour days and kicking people out of the office
-
(08:00) Managing public comms with an active adversary watching
-
(14:30) NASCIO community: peer intel sharing in a crisis
-
(16:00) When Info-Tech showed up vs. the cold call vendors
-
(17:30) "28 days of success" - building the after action report
-
(24:00) Assembly Bill One: unanimous vote, statewide SOC
-
(30:00) Trusted partner vs. vendor - the real difference
-
(34:00) Zero Trust: 80% risk reduction and $1.5M ROI
Recommended Next Episodes
Resources Mentioned:
BleepingComputer.com noted in their coverage about the report that,
See: How a ransomware gang encrypted Nevada government’s systems“The document is one of the few completely transparent technical report from a U.S. state on a cybersecurity incident, describing all the steps of the attacker and setting an example on how cybersecurity incidents should be handled.”
Whenever you’re ready, there are 3 ways you can connect with TechTables:
1. 📬 The TechTables Newsletter
Thanks for reading TechTables! Get early access to new episodes, insights, upcoming events, and more — straight to your inbox.
Join now: https://www.techtables.com/
2. 🤝 Are you a local government CIO who wants to become a better leader?
Check out our high-trust, vendor-free peer group built for local government CIOs tackling real challenges, honest conversations, and an authentic desire to become a better leader — our next retreat is November 2026!
Learn more → https://techtables.com/communities-local-government
🤝 The Better Together Series (Virtual & On-Site)
The narrative-driven series bringing together industry partners and public sector CXOs. Discover the compelling stories that unfold when we stop working in silos and start building together.
»»» Email joe@techtables.com to learn more.
TechTables Better Together On-Site with Peter Loo, CIO, LA County & Hannes Scheidegger, Chief Global Delivery Officer at Info-Tech Research Group
Platinum Newsletter Sponsor:
Join TechTables & Info-Tech Research Group at Info-Tech LIVE 2026 - New Orleans (February 3 - 4, 2026) and/or Info-Tech LIVE 2026 - Las Vegas (June 9 - 11, 2026)!
Learn more about upcoming Info-Tech events here: https://www.infotech.com/events
Gold Newsletter Sponsor:
SentinelOne—Learn how SentinelOne empowers this state to stay secure.
Verizon Frontline—The advanced network that keeps first responders connected when it matters most.
Carahsoft—The Trusted Public Sector IT Solutions Provider™, supports government agencies and education/healthcare markets. Contact your Carahsoft rep today to access special discount pricing exclusively through the TechTables + Carahsoft partnership!
