Information technology is no longer simply an enabler of government; it is ubiquitous in and crucial to every aspect and function of government. Governors, today you need to be as prepared to respond to IT-related disasters as they are for hurricanes, wildland fires and floods. A poorly managed disaster can tie up a governor’s agenda, potentially for years to come.
In preparation for IT and cybersecurity-related crises, incoming governors need to be familiar with the concerns of their Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs). A great place to start is the National Association of State Chief Information Officers (NASCIO). NASCIO recently published its annual list of the Top 10 Policy and Technology Priorities for state CIOs. New governors, it’s strongly encouraged to keep these priorities in mind as you prepare for the upcoming budget cycle.
For the last 10 years, the number one concern of state CIOs has been cybersecurity and risk management. This includes a range of underlying issues, such as governance, budget and resource requirements, security frameworks, data protection, training and awareness, insider threats and third-party risk. While governors don’t need to understand the bits and bytes of cybersecurity, they should, at a minimum, understand the threats their states face and the negative impacts of a successful attack.
There are a number of immediate actions that all governors, especially new governors, can take to ensure they understand the threats they face and are as prepared as possible to respond to a successful cyber attack:
These are just a few foundational actions governors can take. At its heart, governors must understand that cybersecurity is not an end state. Rather, it’s an ongoing core business function of government. Good security goes beyond “checkbox security" and establishes holistic, consistent, and dynamic security practices that evolve as threats evolve and gubernatorial leadership is essential.
As states have modernized their technologies, so have the attackers. The result is that governors must remain ever vigilant to ensure continuity of services and the protection of their citizens. Towards that end, in addition to the perspectives their CIOs and CISOs can provide, governors can also benefit from broader initiatives, such as the National Governors Association’s Resource Center for State Cybersecurity and Palo Alto Networks Security Roundtable.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.