A new survey from the National Association of State Chief Information Officers (NASCIO) indicates that California is not unique in working through these issues. Many states are in a similar position.
Of note, 71 percent of survey respondents said their state has developed a cybersecurity disruption responses plan, up from 52 percent in 2015. Separately, 94 percent said they have adopted a cybersecurity framework based on national standards and guidelines, an increase from 80 percent last year.
Here's a summary of state-to-state trends:
More than four in five respondents said only 1 to 2 percent of their state IT workforce are dedicated cybersecurity professionals.
"Based on both survey evidence and anecdotes, there is certainly a cybersecurity talent crisis in state government. State CIOs desire to grow both the number, skills and scope of responsibilities of these IT professionals," the NASCIO survey said.
In California, there are pockets of activity where teams of cybersecurity professionals are making headway. One example is at the DMV, which has started its own Security Operations Center, where a 16-person staff is monitoring 24/7 the department's networks and website.
NASCIO notes that on the topic of privacy and data protection, 65 percent of respondents said recent cyberincidents have changed the way they approach oversight of privacy issues. Nonetheless, only 11 percent said they have an executive-level chief privacy officer. (California is not among that group.)
A separate NASCIO survey focused solely on the topic of cybersecurity identified the top five barriers in addressing cybersecurity challenges. (See the graphic at top left.)
