The National Governor's Association announced Thursday its plans to work together with seven state governments to enhance their statewide cybersecurity readiness and response capabilities.
Colorado, Michigan, Mississippi, New York, Oregon, Pennsylvania and Tennessee were competitively selected to participate in the program, the organization announced.
Governors will be responsible for putting together interdisciplinary teams to investigate best practices in a number of critical areas: these include cybergovernance, critical infrastructure cybersecurity, response planning, cyberworkforce resilience and state and local partnerships.
Maggie Brunner, NGA program director for homeland security and public safety, said that NGA adds value to state government by allowing a space for interdisciplinary collaboration to take place. The program's series of workshops will take place between August and December 2020, giving state officials the opportunity to engage in planning development in their selected area.
This year, Colorado will be focusing on state and local partnerships; Michigan on cyberworkforce development; Mississippi and Oregon will both look at cyberincident response planning; Pennsylvania will focus on critical infrastructure cybersecurity; and New York and Tennessee will both look at cybergovernance.
NGA developed these planning areas through ongoing conversations with governors and state officials about their biggest gaps and challenges, said Brunner. Some areas, like incident response planning, can be continually improved upon and NGA workshops are a good opportunity for that, she said.
"By now every agency should have an internal incident response plan that they should be continually tweaking, but statewide cyberincident response planning... is helpful for figuring out [things like] how do we do mutli-agency coordination, how do we come together in a unified response?" she said.
Other areas, like state and local partnerships, could still use a lot of work and the workshops will provide an important forum through which officials can discuss strategy, she said.
"A lot of these major instances in 2019 with ransomware have been against local municipal government. So what is the state's role, particularly given that a lot of times they don't have the power to mandate a particular course of action or cyber investment? [The question is] how do we create relationships and voluntary partnerships around that?" said Brunner.
The COVID-19 outbreak has obviously delayed the rollout of some of these projects, but Brunner said that is totally understandable given the circumstances.
The program is supported by the NGA's Resource Center for State Cybersecurity.
Government Technology is a sister site to Governing. Both are divisions of e.Republic.