How states respond to cyber threats

What: “Cybersecurity for the States: Lessons from Across America,” a report from New America

Why:  With their responsibility to protect databases full of citizens' personal information, secure critical infrastructure, support local government and train the next generation of workers, states must be "laser focused" on information technology and cybersecurity.

Findings: States are responding to the cybersecurity threat in a number ways. The report highlights three mature, scalable state programs that demonstrate different approaches toward cybersecurity.

Arizona is using a community approach. It has partnered with the Arizona Cyber Threat Response Alliance to facilitate cyber threat information sharing. The partnership with ACTRA acts as a buffer between the state and the private sector that encourages participation and "engenders faith in the anonymity and effective dissemination of information," the authors said.

New Jersey has applied a bureaucratic superstructure approach. Its New Jersey Cybersecurity and Communications Integration Cell is a central operations center that coordinates cybersecurity monitoring and incident response services with internal and external stakeholders. The shared services model has increased the breadth and quality of monitoring services, expanded information sharing and offered state and external partners a single point of contact for cyber concerns.

Washington uses a multidisciplinary model that extends cybersecurity responsibility beyond the IT offices to state-based emergency management and military departments. The state's use of the National Guard to improve the defensive posture of critical infrastructure has also contributed to broader avenues for information sharing prior to incidents.

To help states improve their cybersecurity operations, the report lays out three recommendations for the federal government:

  1. Dedicate specific funding mechanisms that are tied to federal priorities that go beyond emergency services and counterterrorism.
  2. Synchronize federal responsibilities and authorities to be able to respond better to threats in the states.
  3. Prioritize the expansion of localized assistance programs through the Departments of Homeland Security and Defense.

Read the full report here.

About the Author

Sara Friedman is a reporter/producer for GCN, covering cloud, cybersecurity and a wide range of other public-sector IT topics.

Before joining GCN, Friedman was a reporter for Gambling Compliance, where she covered state issues related to casinos, lotteries and fantasy sports. She has also written for Communications Daily and Washington Internet Daily on state telecom and cloud computing. Friedman is a graduate of Ithaca College, where she studied journalism, politics and international communications.

Friedman can be contacted at [email protected] or follow her on Twitter @SaraEFriedman.

Click here for previous articles by Friedman.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected