As part of the National Governors Association’s (NGA) ongoing effort to address cybersecurity, one of the most significant homeland security challenges facing the nation, NGA released Act and Adjust: A Call to Action for Governors for Cybersecurity. The paper provides strategic recommendations governors can immediately adopt to improve their state’s cybersecurity posture. Act and Adjust: A Call to Action for Governors for Cybersecurity builds on the advice of national experts and practitioners from both the public and private sectors and recommends that states:

  • Establish a governance and authority structure for cybersecurity;
  • Conduct risk assessments and allocate resources accordingly;
  • Implement continuous vulnerability threat monitoring practices;
  • Ensure compliance with current security methodologies and business disciplines; and
  • Create a culture of risk awareness.

Gov. Snyder and Maryland Gov. Martin O’Malley have led NGA’s Resource Center for State Cybersecurity since October 2012 and have been examining the role of state policy in ensuring adequate cybersecurity for state-owned and state-based infrastructure, including data and communication systems, banking and financial records, water systems and the electrical grid.