Are states ill-equipped to manage cybersecurity?

States step up pace of cyber regulations

With cyberattacks increasing in frequency and complexity, state legislators are stepping up security requirements, according to recent report from Edgile, a cyber risk and regulatory compliance firm.

In 2017, 240 bills and resolutions related to cybersecurity were introduced across 42 states -- more than double the number in 2016 -- and at least 27 states enacted related legislation. Bills and resolutions introduced in 2017 included the targeting of computer crimes, restricting public disclosure of sensitive data and the implementation of workforce security training.

Besides introducing legislation, Illinois, Massachusetts and Washington filed actions against Equifax and Uber based on violations of state and local information protection laws.

As states ramp up legislation, actions by federal agencies suggested "a measure of relaxation of enforcement authority in areas impacting consumer information privacy and security," the company said, citing the repeal of net neutrality and changes at the Consumer Financial Protection Bureau.

“Where the Federal government has either failed to implement uniform legislation addressing personal information privacy issues, or has retreated from regulatory enforcement of existing privacy protections, states have moved to fill the void by enacting their own legislation and strengthening enforcement efforts to protect the privacy interests of their citizens,” Edgile Partner David Deckter said.

Another recent report on the states most at risk found that the cybercrime complaints and estimated losses for 2018 roughly correspond to state population, but Michigan – the 10th most populous state --  ranked fourth in estimated number of cybercrime complaints for 2018 and was expected to have the most complaints per 100,000 residents.

The average yearly growth in the number of complaints is highest in Florida, with more than 1,421 additional complaints each year on average.  New York, by contrast, has reduced its cybercrime complaints by around 349 each year, even though complaints there are the most expensive -- each reported cybercrime costs victims $7,149 on average.

About the Author

Susan Miller is executive editor at GCN.

Over a career spent in tech media, Miller has worked in editorial, print production and online, starting on the copy desk at IDG’s ComputerWorld, moving to print production for Federal Computer Week and later helping launch websites and email newsletter delivery for FCW. After a turn at Virginia’s Center for Innovative Technology, where she worked to promote technology-based economic development, she rejoined what was to become 1105 Media in 2004, eventually managing content and production for all the company's government-focused websites. Miller shifted back to editorial in 2012, when she began working with GCN.

Miller has a BA from West Chester University and an MA in English from the University of Delaware.

Connect with Susan at smiller@gcn.com or @sjaymiller.

inside gcn

  • open doors to cloud (Sergey Nivens/Shutterstock.com)

    New vendors join FedRAMP Connect

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group