Ohio is a center for cybercrime, yet state efforts to counter it are measured in kilobytes, not the gigabytes necessary to combat the problem.
Buckeye State residents reported 12,661 incidents of crimes involving the Internet last year, the fifth highest number of any state in the nation. Losses of $10.6 million were noted, and that figure probably is conservative.
Yet the state attorney general is just now getting the same type of authority local prosecutors have to investigate cybercrime. A new law, going into effect Thursday, gives Attorney General Mike DeWine power to issue criminal subpoenas in cases involving online fraud, web-based scams and identity theft.
Until now, the attorney general's authority over cybercrime involved only civil penalties, not the ability to bring criminal charges. The change is long overdue.
Another needed improvement is being proposed in the General Assembly. There, a bill requiring government agencies, businesses and organizations to report security breaches of their databases is about to be introduced.
Such invasions often net criminals the lists of people with information such as birthdates, Social Security numbers and even bank account numbers that can make identity theft a breeze.
Yet, believe it or not, reporting such thefts of information apparently is a voluntary matter under current law.
Clearly, private organizations and businesses should not be required to disclose information that could be detrimental to their own financial affairs - or possibly even to their clients. But disclosing that crimes have taken place, possibly leading to more wrongdoing, should be mandatory.
Giving the attorney general more power and looking into the threat from breaches of computer databases are progress. Clearly, however, Ohio needs to do more to safeguard residents from cybercrime.