States failing in cybersecurity preparedness, new Pell Center study finds

Most states in our nation lack strong cybersecurity measures, leaving themselves largely unprepared to respond to cyber threats, according to “State of the States on Cybersecurity,” a new study released by the Pell Center for International Relations and Public Policy at Salve Regina University. The full report is available for download at http://pellcenter.org/wp-content/uploads/2015/11/State-of-the-States-Rep...

This widespread failure comes at a time when state governments are investing heavily in broadband communication and promoting wider use of the Internet to stimulate economic growth, increase efficiency, improve service delivery and capacity, drive innovation and productivity, and promote good governance, according to Francesca Spidalieri, senior fellow for cyber leadership and author of the report. At the same time, few states are considering the exposure and costs of less resilient critical services, data breaches, theft of intellectual property and sensitive information, and the impact of e-fraud and e-crime, all of which lead to a weaker economy and unstable national security.

While the study paints a grim picture, Spidalieri identifies eight states that have recognized cybersecurity as a priority and have made a strong commitment to increase their security and resilience against cyber threats. “These states are exercising their responsibility through both government action by leveraging policies, plans, laws, regulations and standards, and by providing the right set of incentives and assistance for other stakeholders,” Spidalieri said.

States that lead the way in their commitment to protect infrastructure, information, and operations include California, Maryland, Michigan, New Jersey, New York, Texas, Virginia, and Washington.

“With greater and greater frequency, state governments are falling victim to an array of cyber threats, including data breaches, tax fraud, and political hacktivism,” said Pell Center Executive Director Jim Ludes. “This new study shines a light on the states that are leading the way in preparing and mitigating for these threats so that others can follow.”

The study affirms how important it is for cybersecurity measures to be enforced at the state level in order to protect citizens and reduce cyber risks. Maintaining the most recent security products, tools, and plans is just as important as educating users in the proper practices to reduce their cyber risks. The initiatives exemplified throughout this new report provide models for other states and jurisdictions to follow and offer a useful set of effective mechanisms and activities at the state-level to put recommended action into practice.

“Local and state governments, just like the federal government, hold the information of millions of people and depend on information communication technologies and the Internet to provide a number of services to their citizens, to maintain critical infrastructure as public utilities, to share information across states and federal networks, and to make sure that first responders receive the data they need in crisis situations,” Spidalieri said. “This is why it is critical that states protect their cyber infrastructure and digital investments and develop comprehensive plans to increase their preparedness and resilience.”

“State of the States on Cybersecurity” is part of the ongoing Cyber Leadership Project at the Pell Center and follows previous reports that investigate critical issues in cybersecurity leadership development across the United States.