RSA 2017: Unified Front Necessary for Sufficient Cyberprotection

Virginia Gov. Terry McAuliffe discussed some of the challenges present in the cybersecurity space; his state's cyberstrategy; and that cooperation, education and a united front are necessary for the U.S. to ensure sufficient protection against cyberattacks.

SAN FRANCISCO — On Feb. 14, Virginia Gov. Terry McAuliffe told 2017 RSA Conference attendees that among the many challenges facing state government today, cooperation from the federal government was a frustrating endeavor. Partisan politics in Washington, D.C., he said, has impeded progress and left the states to do much of the heavy lifting on their own. 

The state's 72nd governor also said states face a unique threat in that they manage massive amounts of constituent data, more so than the data stores at the federal level, he said. 

One suggestion McAuliffe raised was that of a unified national cybersecurity framework that encompass what he called “basic protocols.” Efforts to organize at the state level through the National Governors Association have resulted in constructive conversations and good progress, but he warned that the collective partnership is only as strong as its weakest link. 

“If we have a great system in Virginia today, it really doesn’t matter if we keep folks out if we have the same health-care provider as some state out west, hypothetically, a smaller state that isn’t doing anything," McAuliffe said. "I don’t have to tell you folks, they will come in through a back door …”

He said that although 10 to 15 of the state partners have “leaned in” to meet cybersecurity challenges head on, others have not been as aggressive in their efforts. What’s more, he said, is that the federal government has not been as engaged as he or others in his position would like.

“We’re trying to get all the states up to do what we need to do. I wish the federal government could do this, but it’s very hard due to partisan politics, they haven’t been able to take the lead on this.” 

Though he said cooperation from the federal level has been slow to come, he is hopeful the Trump administration will work toward common goals.

The larger security challenge extends to the local level as well. With state-to-state and state-to-federal cooperation evolving, McAuliffe said states also must look internally at their local-level partners to improve network security. 

But the need for better education around cyber throughout all levels of schooling, the Trump administration’s immigration policies and the role of the private sector in these efforts also played into McAuliffe’s remarks.

The governor has been an advocate for more cyber-related school initiatives, and openly says he is in need of trained individuals to take the state’s more than 30,000 open technology jobs. He compares the educational shift toward more technology-heavy curriculum to being like “moving an aircraft carrier.”

“Sure, we should have done this 10 years ago, but now we are really turbocharging it,” he said. “I think our schools need to do a better job about thinking about our students and what they are going to be doing in the future. I don’t think enough institutions of higher education put enough emphasis on their graduating students, what’s the field they're going into and are they getting jobs when they get out.” 

One such initiative the governor mentioned was state employment for scholarship funds.

When broaching the recent controversy surrounding President Trump's executive order limiting immigration from seven predominately Muslim nations, the Virginia governor said that it's not about politics. "It’s about how we move ahead as a nation.”

McAuliffe added that the executive order was “nonsense” that must stop. And from the technology industry's perspective, it has collectively spoken out about the immigration ban — and the stifling effect it would have on talent coming into the country.

Eyragon Eidam is the Web editor for Government Technology magazine, after previously serving as assistant news editor and covering such topics as legislation, social media and public safety. He can be reached at