Despite budget squeeze, state and local governments must shore up cyber posture

Eight months ago, state and local governments (SLG) faced hard technology and budgetary choices when they were forced to support the pivot to remote telework by most or virtually all of their employees as the coronavirus pandemic took hold. Work typically performed from relatively secure, in-office enterprise networks had to be undertaken remotely and from home networks, straining security infrastructure.

The challenge was in getting these workers up and functioning, often while the IT staff itself was working remotely. The focus was on establishing connectivity and access to the needed data and computing assets, leaving myriad possibilities for user error or misconfiguration to expose data — or for attackers to target these new business practices and less secure home network infrastructure.

According to information compiled by the National Association of State Budget Officers, many states have already directed agencies to plan for possible budget reductions —with many governors cautioning that the full fiscal impact of COVID-19 is not yet known and that there will be more tough funding decisions ahead.

Governments have to be extra savvy and nimble in making everything work — and to ensure that security is not lost in the process. Back in March, it was all about making sure employees could work remotely and to ensure that digital citizen services continued uninterrupted.

Numerous IT and cybersecurity officials, however, were seen as valuable team members and, in some cases, even the heroes in enabling the successful pivot to remote work. As a result, IT and cybersecurity may be understood and appreciated by leaders across government and recognized as more mission relevant than ever before.

This has implications for the role of cybersecurity in digital transformation within state and local government. NASCIO noted that nearly half of all US states do not have a dedicated cybersecurity budget – and that in most states, cybersecurity budgets are between 0-3 percent of their overall IT budget, compared with an average of more than 10 percent in the private sector. That presents a risk, but the recent pivot created a window of opportunity for IT and security leaders to capitalize on in identifying secure digital solutions for their agencies and in strengthening collaboration between IT and cybersecurity.

To read the complete article, visit American City & County.