WASHINGTON—As part of the National Governors Association’s (NGA) ongoing effort to address cybersecurity, one of the most significant homeland security challenges facing the nation, Michigan Gov. Rick Snyder today briefed the Congress on governors’ efforts to protect citizens and our economy against cyber attacks.
“As governors, we are directly responsible for ensuring the security of a wide array of state-owned assets and personally identifiable information such as tax records, driver’s licenses and birth records,” said Gov. Snyder. “We also play a critical role in ensuring that private-sector assets within our states are secure.”
Gov. Snyder and Maryland Gov. Martin O’Malley have led NGA’s Resource Center for State Cybersecurity (Resource Center) since October 2012 and have been examining the role of state policy in ensuring adequate cybersecurity for state-owned and state-based infrastructure, including data and communication systems, banking and financial records, water systems and the electrical grid.
Through the work of the Resource Center and NGA’s Office of Federal Relations, governors are identifying opportunities to enhance the state-federal partnership to address cybersecurity challenges. They also are working through the Council of Governors to expand the role of the National Guard in addressing the cybersecurity needs of both states and the federal government.
During the event, Gov. Snyder released Act and Adjust: A Call to Action for Governors for Cybersecurity, a paper that provides strategic recommendations governors can immediately adopt to improve their state’s cybersecurity posture. A Call to Action builds on the advice of national experts and practitioners from both the public and private sectors and recommends that states:
- Establish a governance and authority structure for cybersecurity;
- Conduct risk assessments and allocate resources accordingly;
- Implement continuous vulnerability threat monitoring practices;
- Ensure compliance with current security methodologies and business disciplines; and
- Create a culture of risk awareness.
The governor also released an electronic dashboard designed to provide governors an overview of their state’s cybersecurity environment and to assist them in monitoring implementation of the paper’s recommendations. The dashboard is currently being pilot tested in Michigan and Maryland in conjunction with the Multi-State Information Sharing & Analysis Center.
Through the Resource Center, governors are exploring other vital areas, including:
- The role of fusion centers;
- Enhancing the cybersecurity of energy systems and the electrical grid; and
- Developing a trained cyber workforce.