Today’s Cybersecurity Checklist Priorities (Contributed)

States and localities face multiple challenges when it comes to data protection. Having the right tools and services in place can make a crucial difference in today’s tough cybersecurity environment.

by Jim Richberg / May 12, 2020
Shutterstock/Blackboard

When it comes to cybersecurity in government, most conversations have focused on the federal level. However, the moves made at the national level foreshadow what’s in store for state and local government. Dig deep into the body of proposed federal legislation, and you’ll find more than a few references to state and local security needs. 

This all points to a growing, nationwide focus on what can be done to secure critical infrastructures that state and local governments are responsible for. For most citizens, state and local services are a major part of their daily lives. They include everything from education and public safety to elections, the roads we drive on and the water we drink — and that means cybersecurity must be a foremost concern.  

The Five Challenges 

Cybersecurity challenges at state and local government agencies may be even more complex than those faced by federal security teams. The broad array of services offered by states, counties, cities and towns means agencies have to support these services with relatively fewer resources than their federal peers. Let’s take a look at five important cybersecurity challenges at the state and local level.

Valuable, Sensitive Data That’s Attractive to Criminals: Water and sewage systems, roads, public transportation, driver’s licensing, police and fire departments, libraries and schools are all run by state and local entities. Not only do these organizations provide critical services, but many also collect and store citizens’ personally sensitive data. By nature of the data collected, these organizations are rich targets for cybercriminals. 

Personnel Constraints: State, and even more so local, governments are affected by the growing cybersecurity skills gap. This nationwide workforce shortage has an especially acute impact on municipal organizations’ ability to attract and retain an IT workforce of adequate size and skill — particularly when competing with the private-sector marketplace for talent. In some cases, there’s no professional IT and cybersecurity support for local government officials due to resource constraints and the small size of local government.

Budgetary Constraints: While recent emphasis on improving cybersecurity at the state and local levels has been welcome, growing COVID-related economic pressures mean that states and local jurisdictions, which are legally prohibited from running a deficit, are increasingly likely to relegate cybersecurity to the category of a “nice to have but non-essential” budget item. This places a premium on ensuring that these governments get the maximum impact from their limited cyber resources, both money and people.

Expanding Footprint: Agencies in the midst of digital transformation grapple with more devices, software licenses, apps and services than ever. With the expanding role of IoT and the growth in cloud adoption rates, it seems that digital footprints are expanding by the minute. With so many products and services from different vendors, it is hard to achieve visibility into threat activity, monitor the network and secure environments. 

Compliance: With less visibility and control over their expanding network, IT teams are finding that they are more likely to experience compliance problems. Who is operating which device, and does their access comply with regulations or best practices? What apps are being used by agency employees, and are they secure? When considering the number of employees in the typical state and local ecosystem, as well as the fact that most breaches are a result of human error, it is clear why compliance remains a challenge. 

What Are the Right Tools and Services?

Agencies also need help choosing and implementing the right tools and services to keep their networks protected. The tools used to secure these networks should be able to address the greatest challenges that state and local government security professionals are facing every day. Here is a short checklist of what these tools should provide:

  • Secure access. State governments typically work with a number of third parties and vendors who are given access to these networks. Logins should be authorized, of course, but there should also be a multilayered approach in place, including multi-factor authentication.
  • Integrated security. When it comes to threat management, security should be deployed across the entire system, from mobile endpoints to core networks to branch and field offices. Integration of these tools and functions can enable IT teams to handle operations through a single, centralized “pane of glass.”
  • Remote location security. SD-WAN should be employed at branch and remote locations to enhance productivity and reduce costs. The SD-WAN option chosen should integrate security, connectivity and network functionality into a single product that is simple to deploy, use and manage. 
  • Advanced threat detection. With the speed and complexity of today’s cyberthreats, security teams need help in responding quickly to an event. AI-driven automation is key not only for a quick response, but also for maximizing the impact of limited security resources.
  • Automated and integrated capabilities. Especially for those jurisdictions that lack adequate cybersecurity staff, it is important that cybersecurity solutions offer a “zero touch” plug-and-play configuration and fully automated adaptive operation.

State and local agencies have a unique set of challenges that make government cybersecurity particularly complex. Resource constraints, a rapidly evolving IT environment, increasing citizen demand for digitally enabled services, and a changing threat landscape will continue to challenge state and local IT officials. Preparation for secure and sustainable operations must be integrated into planning starting on day one when state and local governments consider how to build out or expand digital services.

Jim Richberg is a Fortinet field CISO. He served as national intelligence manager for cyber and was the senior federal executive focused on cyberintelligence within the $80+ billion U.S. Intelligence Community (IC) annual operating budget. He was the senior adviser to the director of National Intelligence (DNI) on cyberissues and set collection and analytic priorities for the IC's 17 departments and agencies on cyberthreats.

Platforms & Programs