Just as cybersecurity is a shared responsibility, so is effective recruitment and retention of qualified state cybersecurity personnel. The consequences of a constrained state cybersecurity workforce are becoming increasingly hard to ignore.
State governments are facing unprecedented workforce constraints at a critical juncture in time as the Great Resignation, COVID-19 and other economic pressures have drastically altered the labor market. Recruiting and retaining a qualified workforce is increasingly difficult and presents distinct challenges to the cybersecurity industry, an industry that is feeling the impacts of a global shortage of 3.4 million workers.
As part of the 2022 Deloitte-National Association of State Chief Information Officers (NASCIO) Cybersecurity Study, state chief information security officers (CISOs) agreed that an inadequate availability of cybersecurity professionals is the second highest barrier to addressing states’ cybersecurity needs. Only legacy infrastructure and solutions to support emerging threats ranked higher. Simply put, states are not poised to face existing and future cybersecurity threats if they cannot first fulfill their workforce requirements. To rise to the challenge, state leaders must collaborate and share ideas to achieve results-driven solutions.
To that end, NASCIO and the National Governors Association (NGA) partnered to assist states in identifying the concrete actions they can take now to bridge the cybersecurity workforce gap. NASCIO and NGA convened Governors’ policy advisors, state information technology and cybersecurity leaders, workforce professionals and other experts to provide a forum for sharing experiences and best practices. This publication details the current state of play and summarizes the insights aggregated during this meeting, as well as previous related efforts by NASCIO and NGA to facilitate discussion on this topic.