How states stack up on cyber readiness


A blueprint for cyber disruption response

What: An issue brief from the National Governors Association, titled “State Cyber Disruption Response Plans.”

Why: With government's growing dependence on technology comes the increase in cyber threats and cybercrime as well as the possibility for wide-scale cyber disruption – incidents that threaten national security, the economy or public health and safety and require coordinated response across emergency and homeland security operations. To prepare for those threats, agencies must develop comprehensive plans that allow them to respond appropriately.

Findings:  NGA outlined the cyber disruption response plans that 15 states have in place to recover from cyber incidents that pose large-scale. The brief compared the state-level response plans to each other and also to the National Cyber Incident Response Plan created by the Department of Homeland Security to help states develop or revise their own response plans. It then categorized its recommendations for states that want to develop or revise their plans into five goals: 

  • Integrating the state cyber response plan with emergency operations plans.
  • Developing a severity schema.
  • Establishing leadership structures.
  • Defining roles and responsibilities.
  • Optimizing cybersecurity response.

Each goal includes specific recommendations that directly contribute to the success of the goal. 

Many of the recommendations are relatively standard such as appointing a senior official to facilitate communication between the state and the federal government. This would help increase coordination in the event of an attack and help reduce miscommunication. 

Other recommendations were less conventional, such as developing an auxiliary cybersecurity force of volunteers akin to a volunteer fire department. These vetted experts can provide assistance in case of a large-scale cybersecurity incident which can drain state resources very quickly. 

The recommendations were designed to help states develop a strong, yet realistic, plan they can adapt to fit their needs. 

Verbatim: “Strengthening state preparation for and response to a significant cyber incident is critical to achieving national resiliency. Significant cyber incidents could affect CI across state lines and stretch the federal government’s ability to respond.”

More: Read the full report here.

About the Author

Anoushka Deshmukh is an intern with Public Sector 360, writing for GCN, FCW and Defense Systems.


  • Records management: Look beyond the NARA mandates

    Records management is about to get harder

    New collaboration technologies ramped up in the wake of the pandemic have introduced some new challenges.

  • puzzled employee (fizkes/

    Phish Scale: Weighing the threat from email scammers

    The National Institute of Standards and Technology’s Phish Scale quantifies characteristics of phishing emails that are likely to trick users.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.