Over the past three years, the acceleration of digitization and the increasing sophistication of technology have multiplied the cyber risks faced by state and local governments.
Today’s threats range from foreign state-sponsored espionage and zero-day attacks to sophisticated phishing attempts, ransomware and malware.
States know enhanced cybersecurity efforts can help reinforce the public’s trust in government technology systems. That’s why many are turning to Chief Information Security Officers (CISOs) to chart new strategies and invest more in cybersecurity programs.
The annual Deloitte-NASCIO Cybersecurity Survey found that CISOs in all 50 states are taking a variety of approaches to protect the security of information while supporting high-quality public services.
Deloitte’s 2022 national survey of CISOs indicates that more than half (52%) are concerned about their state’s legacy infrastructure. Among the top five cybersecurity challenges are: inadequate availability of cybersecurity professionals (50%), inadequate cybersecurity staffing (46%), decentralized IT and security infrastructure and operations (38%) and increasing sophistication of threats (29%).
Here in the Sunshine State, Jeremy Rodgers serves as Florida’s CISO as part of the Florida Digital Service, led by Florida’s Chief Information Officer (CIO) Jamie Grant, and focuses on cybersecurity, project support and workforce development.
The Florida Digital Service has been focused on strengthening cybersecurity for the state and providing critical support to state agencies so they can deliver better service and provide greater transparency to Floridians.
In one example of their efforts, the Florida Digital Service has supplied design and technology training to more than 500 professionals across 33 government agencies during the last two years. And in FY22, the Florida Legislature distributed more than $110 million to expand cybersecurity resiliency and help protect local governments against security threats.
Deloitte’s report found that “attracting, retaining and continually training a cybersecurity workforce primed for the future has become more difficult.”
Staffing has certainly been important in Florida where Grant has said that growing and strengthening the workforce is a top priority.
Deloitte’s report offers two recommendations for CISOs working to compete for talent and close their workforce gap:
— Transform state employment practices to attract the next generation of workers. Remote work options, up-to-date technology tools and a shorter hiring cycle are a few of the tactics offered to help transform the process.
— Turn to external resources to fill the gap. CISOs can rely on third-party vendors not only for securities operations functions but also forensic and legal support and cyberthreat risk assessments.
Criminals and foreign adversaries will never stop targeting our systems, but states can thwart cyber risks by continuing to invest in a skilled IT workforce, as well as bolstering coordination and security infrastructure across state agencies and using modern tools and technologies.