How states stack up on cyber readiness

NASCIO pushes feds for more cybersecurity help

For 2021, the National Association of State Chief Information Officers wants the federal government to address its long-standing cybersecurity concerns. Among its advocacy priorities, NASCIO is pushing for harmonized federal cybersecurity regulations, a dedicated cybersecurity grant program for state and local governments and widespread adoption of the .gov domain.

For many years, states have complained that federal agencies’ various security requirements for exchanging sensitive data places an undue burden on state governments as they struggle to comply with each agency’s standards. In May 2020, the Government Accountability Office found that between 49% and 79% of federal agency cybersecurity requirements had conflicting parameters. NASCIO is urging Congress and agencies to streamline and coordinate their cybersecurity regulations to address duplicate regulations and inconsistent audit practices.

With state cybersecurity budgets less than 3% of overall IT budgets despite growing threats, NASCIO also is asking for a dedicated cybersecurity grant program for state and local governments.  Such a program, NASCIO said, would help state CIOs work with local governments to defend against sophisticated, well-funded attackers. Several bills have been proposed, but none have been signed into law.

The DotGov Act, on the other hand, was signed into law in December 2020.  That legislation moved  the program that manages .gov domain names under the Cybersecurity and Infrastructure Security Agency, which is now tasked with providing technical and financial support for local governments migrating to the .gov domain. NASCIO proposes that CISA remove registration fees to boost adoption, establish a stakeholder advisory group to provide feedback on its outreach strategy and work with local governments to highlight the security enhancements of DotGov.

Besides the cybersecurity issues, NASCIO is pushing for a grant program to help state governments modernize their legacy IT into systems save money, enhance cybersecurity and improve services delivery.

When it comes to broadband expansion, NASCIO wants the federal government to streamline its program-specific funding, which states have found difficult to navigate. It also urges Congress and the Federal Communications Commission to leverage state broadband mapping strategies and to amend the FCC’s data collection processes.

 “Cybersecurity is a critical part of the business of state government and these priorities reflect the importance of a multi-faceted approach to cybersecurity,” NASCIO President and New Hampshire Commissioner and CIO Denis Goulet said. “COVID-19 has also shed light on issues, like modernization and broadband that states have grappled with for years. It is our hope that highlighting these topics in our advocacy priorities will help states confront these challenges.”

About the Author

Connect with the GCN staff on Twitter @GCNtech.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected