NASCIO and Deloitte Publish New 2012 Cybersecurity Survey for State Governments

Day 2 at the NASCIO annual meeting, and one hot topic is the new Cybersecurity survey results that were released this morning called

by / October 23, 2012 0

Day 2 at the NASCIO annual meeting, and one hot topic is the new Cybersecurity survey results that were released this morning called

 
Government Technology Magazine wrote a good summary of the security survey panel session which covered the report topic.
 
As I looked at the new survey results, I found several concerning trends that we didn't have time to discuss on the morning panel today. One of those trends was a reduction in vulnerability management implementations and less scanning of critical systems for vulnerabilities and malware. I am also concerned about the lack of trust that CISOs have in the level of expertise on their cybersecurity teams.
 
Another highlight was the majority of states reporting the same or less money for security programs at a time when the private sector is raising Cybersecurity budgets. A mismatch between "executive buy-in" and funding for security raises a red flag for me about how much real support exists.
 
I'm keeping this blog short, but I strongly urge you to go out and read the report and recommendations for CIOs and CISOs. Overall, there is a mixed message with some positive trends but also the realization that many states are not doing enough to secure their systems and data.
 
What are your thoughts on the survey results?
Dan Lohrmann Chief Security Officer & Chief Strategist at Security Mentor Inc.

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.

During his distinguished career, he has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader.
Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprisewide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.

He currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor Inc. He is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and nonprofit institutions.

He has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.

Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD for You: The Guide to Bring Your Own Device to Work. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington, D.C., to Moscow.

He holds a master's degree in computer science (CS) from Johns Hopkins University in Baltimore, and a bachelor's degree in CS from Valparaiso University in Indiana.

Follow Lohrmann on Twitter at: @govcso