State cybersecurity organizations in ‘heightened risk environment,’ according to report
As state and local cybersecurity organizations across the United States emerge from a few difficult years, one aspect of the future is for certain: It will be shaped by the same digital advancements that, since the pandemic’s outset, have propelled the nation into an unprecedented era of technological innovation in the public sector.
“While it may take years to know which transformations wrought by the pandemic will endure, we know that digitization has accelerated. The social distancing required by the health crisis made digital and mobile platforms the crux of work and daily life,” reads the introduction to the seventh biennial report from Deloitte and the National Association of State Chief Information Officers (NASCIO), the “2022 Deloitte-NASCIO Cybersecurity Study.”
While the report was written for state chief information security officers (CISOs), it outlines key challenges faced by public cybersecurity organizations at all levels: attracting and retaining enough talent; embracing all areas of cyber defense, from state agencies to local governments; and setting new budgetary directions, with different and updated expectations.
“State CISOs played critical roles helping the country successfully navigate the twists and turns of the pandemic, and this year’s survey identifies the steps needed to grow this increasingly public role and meet the current and future challenges faced by state agencies,” said Meredith Ward, director of policy and research at NASCIO and a co-author of the study.
In both the private and public sectors, “The demand for high-skilled workers has grown even more acute. … Reassessing their life choices during the COVID-19 pandemic, many employees joined the Great Resignation, and millennial and Gen Z workers are more carefully choosing workplaces that reflect their preferences,” the report says.
In a survey conducted by the officers organization and noted in the report, 52 percent of respondents cited legacy infrastructure and outdated solutions as the primary barrier preventing them from addressing cybersecurity challenges. Inadequate availability of cybersecurity professionals was listed second (50 percent), followed by not enough staffing (46 percent) and decentralized IT and security infrastructure. Increasing sophistication of threats was also noted (29 percent).
To read the complete article, visit American City & County.
Gloss