cyberattack1160100043432orig
Security

US state officials worry about their ability to respond to cyberattacks

Many states aren't confident of their ability to respond to cyberattacks on physical infrastructure such as water and electric systems, U.S. emergency response officials say.

The U.S. government could do several things to help states improve their response to cyberattacks, including increased funding for technology training programs, cybersecurity experts told a House of Representatives committee Tuesday.

States have difficulty hiring top cybersecurity employees, said Steven Spano, president and COO of the Center for Internet Security. Cybersecurity workers are a "high-demand, low-density asset," the former Air Force general told two subcommittees of the House Homeland Security Committee.

Meanwhile, states are uncertain about their ability to respond to cyberattacks, lawmakers noted. For four years in a row, states have ranked their ability to respond to cyberattacks at the bottom of a list of emergency response competencies when surveyed by the Federal Emergency Management Agency, noted Representative Dan Donovan, a New York Republican.

"I am worried that it's only a matter of time before the hackers are successful" in compromising the electric grid, the water system, or some other essential service, added Representative Donald Payne, a New Jersey Democrat.

Part of the problem for states is a lack of funding, said Mark Raymond, CIO for the state of Connecticut and vice president National Association of State Chief Information Officers. 

Most states spend just 1 percent to 2 percent of their IT budgets on cybersecurity, while the federal government spends about 15 percent, Raymond said. 

Like Spano, Raymond noted the difficulty of hiring cybersecurity professionals, with states competing with private industry for the best people. Cybersecurity workers are the "most difficult to recruit and retain for states," he said. "State government salary rates and pay structures are the biggest challenges in bringing on IT talent."

Neither Spano nor Raymond gave lawmakers statistics about open cybersecurity positions in state governments.

Another area of concern is cyberthreat information sharing, witnesses said. While sharing between the federal government and states has improved in recent years, much of that information is classified, said Lieutenant Colonel Daniel Cooney, assistant deputy superintendent in the Office of Counter Terrorism for the New York State Police.

"We cannot share useful contents with many of customers unless the classification is downgraded," he said.

IDG Insider

PREVIOUS ARTICLE

« Facebook's plan to disrupt cellular gets big-name support

NEXT ARTICLE

Update to Google Docs, Sheets, Slides lets them automatically save recent files offline »
author_image
IDG Connect

IDG Connect tackles the tech stories that matter to you

  • Mail

Recommended for You

International Women's Day: We've come a long way, but there's still an awfully long way to go

Charlotte Trueman takes a diverse look at today’s tech landscape.

Trump's trade war and the FANG bubble: Good news for Latin America?

Lewis Page gets down to business across global tech

20 Red-Hot, Pre-IPO companies to watch in 2019 B2B tech - Part 1

Martin Veitch's inside track on today’s tech trends

Poll

Do you think your smartphone is making you a workaholic?