Gov. Ned Lamont signed a new law Thursday to improve cybersecurity to protect the state from online sabotage.
It comes after the East Coast's biggest fuel pipeline ground to a halt for weeks back in April due to computer hackers. Weeks later, the nation's meat supply was threatened by another attack.
"I think about this in layman's terms. And the first thing you've got to do is not let the bad guys into your house," says Lamont.
Now, if a company beefs up cybersecurity, they're shielded from paying damages in data breach lawsuits.
"We are removing the punitive part of it. We are encouraging manufacturers and other small businesses to learn, to get ready, and we are providing the tools to help them get ready," says Beatriz Gutierrez, of CONNSTEP Business Consulting.
A 2018 survey says Connecticut businesses are particularly vulnerable - with almost 1/4 already had suffered a data breach and only 26% say said they're confident in their cybersecurity plan.
"Investing in cybersecurity is an expensive decision that requires a company to dedicate time, staffing, and financial resources to be successful," says Eric Gejde, of the Connecticut Business & Industry Association.
States like New York and Massachusetts actually require companies to meet cybersecurity standards. Connecticut's new law is completely voluntary.