Apr 16 2019
Management

States Must Commit to Cybersecurity Budgets

A lack of dedicated funding could stymie efforts to protect government networks.
Ryan Petersen
by

Ryan Petersen has worked in publishing for more than two decades, most of it spent creating award-winning content and strategy for CDW’s family of tech magazine brands. As editor-in-chief, he works with his team to develop compelling and useful industry-focused stories to share with the technology world. Outside of work, Ryan enjoys spending time with his children, traveling, online gaming, and following Iowa Hawkeye sports and Cubs baseball.

Arizona CISO Mike Lettman shared a remarkable story in a discussion during the National Association of State Chief Information Officers’ 2018 Annual Conference.

Until recently, the Arizona state IT department lobbied the legislature annually for cybersecurity funding. If the funding didn’t come through one particular year, a lack of money could have forced Arizona to turn off its cyber defenses, Lettman said.

In 2018, Arizona’s CIO and CISO won dedicated funding for cybersecurity in the state budget — a major victory in fully executing its cybersecurity strategy. Dependable cybersecurity spending reduced overall risk for the state, Lettman said.

The New America think tank recently applauded Arizona’s strategy and how it has established a strong public-private partnership to support it. And that’s key to Lettman’s fight. His efforts would have been wasted if he didn’t have the tools to carry out his strategy.

Cybersecurity_IR_howstrong_700x220.jpg

CIOs and CISOs Face Hurdles in Cybersecurity Conversations

Four in 10 state and local IT leaders lack the tools to identify and report vulnerabilities in their networks, according to a study conducted last year by CyberScoop and StateScoop, and underwritten by Tenable.

Two-thirds of respondents asserted that communicating risks to state and local officials remains challenging because officials don’t comprehend the technology and risks, nor can they grasp the metrics.

Roughly half of states do not have a dedicated cybersecurity budget, according to NASCIO. Undoubtedly, this lack of dedicated funding is due in part to the difficulty of communicating the urgency of cybersecurity challenges to lawmakers. Among states that do have a cybersecurity budget, more than a third have experienced no growth or a reduction in their budgets, according to NASCIO’s 2018 survey of the 50 state CIOs.

And this underscores NASCIO’s further suggestion that states might not spend enough on cybersecurity overall. In the survey, NASCIO found that many states allocate only 1 or 2 percent of their IT budgets to cybersecurity, while federal agencies dedicate more — perhaps 5 to 12 percent of their total IT budgets, depending on the agency.

Let’s hope more states follow Arizona’s lead and budget sustained cybersecurity funding for their enterprises.

gorodenkoff/Getty Images

More On

Related Articles

Close

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT

Subscribe Now