Internet Explorer 11 is not supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Five Reasons Why Cybersecurity Should Be a Priority for Public Officials

Without action, government investments in information, communications and technology improvements could be derailed.

Carousel Web security
Ever since Internet usage started taking off in the 1990s, elected officials have pushed for more efficiency in delivering services to citizens via the Web. After more than a decade of technological innovation, governments now offer extensive online capabilities in every state — most available 24x7x365.

What's clear is that citizens like government websites. According to the 2010 Pew Internet and American Life survey, "Fully 82 percent of Internet users (representing 61 percent of all American adults) looked for information or completed a transaction on a government websites." And with the rapid adoption of smart phones and other high-speed mobile devices - along with constantly improving broadband networks and new consolidations and partnerships among public-sector agencies — governments are offering information and services online like never before.

But with these opportunities comes new risk. "Our computing systems cannot just be secure — they should be unfailingly trustworthy," Microsoft founder Bill Gates told a World Economic Forum several years ago. "We should be able to rely on them as we in the developed world rely on electricity or a telephone service today."

Unfortunately, cyber crime is growing faster than e-government. As of October 1, 2010, privacyrights.org has chronicled 1,749 data breaches made public since 2005 that resulted in more than 510 million records being compromised.

Could our significant investments in information, communications and technology improvements be derailed? Yes, but we can't let it happen. What's at stake is more than just protecting government networks or websites. Neglect regarding cyber security can:

1) Undermine the reputation of both the government and elected officials;
2) Force unacceptable expenditures associated with the cost of cleaning up after security breaches;
3) Cripple governments' abilities to respond to a wide variety of homeland security emergency situations or recover from natural or man-made threats;
4) Disable elected officials' ability to govern.

Right now, newly state and local government administrations are setting priorities for their first 100 days in office. And for the next four years, they must keep trustworthy computing high on their "to do" lists. It is imperative that our digital infrastructure not only survive, but thrive, to enable increased government efficiency and innovation.

Here are five things that new governors and other senior elected officials need to do:

1) Empower a trusted Chief Information Security Officer (CISO) to lead this effort. Using the state Homeland Security Advisors/Coordinators as a model, each governor should create a CISO with real clout, someone who can work across local/state/federal lines.

2) Build a comprehensive cyber security plan modeled after the Federal Cybersecurity Initiative (currently mandated for all federal agencies). This plan should encompass traditional law enforcement partnerships as well include cyber issues within new state and local fusion centers.

3) Establish clear command and control for all cyber security incidents. Cyber emergency management situations should follow the processes directed in the National Incident Management System. Local, state and federal efforts need to be coordinated and escalated as appropriate in cross-boundary situations.

4) Enable more trusted transactions online. Accelerate innovation by building the foundation for digital identity management. Start by reviewing the "National Strategy for Trusted Identities in Cyberspace." Work with groups like the National Association of State CIOs and the National Governors Association on federated digital identity efforts.

5) Think "people, process and technology" when implementing cyber security solutions. The majority of cyber solutions require cultural change. A robust training program is needed within government and for students, parents, educators and all segments of society. Elected officials have an opportunity to lead by example when it comes to Internet safety.

One final thought: When it comes to cyber risk, you can never outsource the responsibility. Getting private-sector help makes sense, but the government will always answer to the public when business functions are not available. Therefore, it all starts with making cyber security a priority. Building trust online will both reduce risk and enable innovation.

(Excerpts from this item appeared in a sidebar to "Data Lockdown," in the December 2010 issue of Governing.)

Zach Patton -- Executive Editor. Zach joined GOVERNING as a staff writer in 2004. He received the 2011 Jesse H. Neal Award for Outstanding Journalism
Special Projects
Sponsored Stories
Sponsored
In recent years, local governments have been forced to adapt to a wildly changing world, especially as it pertains to sending bills and collecting payments.
Sponsored
Workplace safety is in the spotlight as government leaders adapt to a prolonged pandemic.
Sponsored
While government employees, students and the general public had to wait in line for hours in the beginning of the pandemic, at-home test kits make it easy to diagnose for the novel coronavirus in less than 30 minutes.
Sponsored
Governments around the nation are working to design the best vaccine policies that keep both their employees and their residents safe. Although the latest data shows a variety of polarizing perspectives, there are clear emerging best practices that leading governments are following to put trust first: creating policies that are flexible and provide a range of options, and being in tune with the needs and sentiments of their employees so that they are able to be dynamic and accommodate the rapidly changing situation.
Sponsored
Service delivery and the individual experience within health and human services (HHS) is often very siloed and fragmented.
Sponsored
In this episode, Marianne Steger explains why health care for Pre-Medicare retirees and active employees just got easier.
Sponsored
Government organizations around the world are experiencing the consequences of plagiarism firsthand. A simple mistake can lead to loss of reputation, loss of trust and even lawsuits. It’s important to avoid plagiarism at all costs, and government organizations are held to a particularly high standard. Fortunately, technological solutions such as iThenticate allow government organizations to avoid instances of text plagiarism in an efficient manner.
Sponsored
Creating meaningful citizen experiences in a post-COVID world requires embracing digital initiatives like secure and ethical data sharing, artificial intelligence and more.
Sponsored
GHD identified four themes critical for municipalities to address to reach net-zero by 2050. Will you be ready?