The data contained in the September 30 edition of the biennial cybersecurity report from Deloitte and the National Association of State Chief Information Officers (NASCIO) is, to put it mildly, somewhat alarming. 

The research for the report included surveys with Chief Information Security Officers from all 50 states and the District of Columbia and here are some of its findings. 

• 86% of state chief information security officers (CISOs) say their responsibilities are growing

• More than one-third do not have a dedicated cybersecurity budget. 

• Federal agencies generally earmark more than 10% of their IT budgets for cybersecurity, yet many states have not dedicated resources at the same pace.

• Four of the CISOs surveyed said their IT budgets allocate less than 1% for cybersecurity.

• 71% of respondents believe the risk of AI-enabled threats is “high. But 41% lack confidence in their team’s ability to handle them. 

As if things weren’t bad enough, according to the report, “The stresses of the pandemic have also translated into turnover at the top. It’s no secret that security professionals work under enormous strain, with a number of recent studies and surveys citing frequent burnout. Since our 2022 survey, nearly half of the states—23 of them to be exact—have new CISOs. The median tenure of a state CISO is 23 months, down dramatically from 30 months two years ago. However capable and talented these new leaders may be, turnover can be disruptive.”

There is some good news in the report, however, "Many state CISOs have been able to increase employee headcounts, adding specialists to their teams who are focused on cybersecurity-related issues," according to Meredith Ward, deputy executive director at NASCIO and a co-author of the report. "In 2020, 16% of CISOs had fewer than five employees dedicated to cybersecurity initiatives. Today, that percentage has dropped to just 4%. In addition to growing their teams, our research found these leaders are determined to find creative solutions to protect their organizations and the public."

#StateandLocalTechnologyManagement #StateandLocalGovernmenManagment #StateandLocalGovernmentData #StateCybersecurity #StateCyberattackPreparedness #StateCISOTurnover #StateTechnologyTurnover #ChiefInformationSecurityOfficers #CISO  #Deloitte #NASCIO #StateandLocalHumanResources #StateTechnologyWorkforce #StateCybersecurityBudgeting #StateGovernmentBudgeting #DedicatedCybersecurityBudget #CybersecurityWorkforce #StateandLocalPublicAdministration #BiennialCybersecurityReport #CISOSurvey #BandGWeeklyManagementSelection #StateandLocalManagementNews #BarrettandGreeneInc