Enhancing Government Cybersecurity Resilience

In today's evolving threat landscape, state and local governments (SLGs) must ensure robust cybersecurity while navigating budget constraints and skill gaps. Fortinet partnered with Canam Research to conduct a comprehensive survey of 54 SLG IT leaders across the United States to gain insight into these challenges and identify effective strategies.

The survey revealed that SLGs prioritize training existing staff over outsourcing to reduce costs and increase security. Approximately 38% of organizations plan to invest in training their personnel within the next 12 months, while only 1% are considering outsourcing. Furthermore, 89% of respondents believe they have effective security awareness training to mitigate cybersecurity threats. This approach of building internal expertise can empower SLGs to develop a strong cybersecurity workforce that understands their unique challenges.

Security Takes Priority Over Cost Considerations

Another key finding was that despite budget constraints and perceived high costs associated with cybersecurity, SLGs prioritize security initiatives over system modernization and operational technology. The survey found that 55% of respondents prioritize cybersecurity projects, even during budget cuts. This emphasizes the importance of safeguarding critical infrastructure and protecting sensitive data from threats such as phishing and ransomware.

The survey also identified end-user education and alert monitoring as significant gaps. To provide in-depth security, SLGs should focus on enhancing employee training programs to raise awareness about potential threats. Investing in robust alert monitoring systems can help detect and respond to security incidents promptly.

Balancing Priorities

Many SLGs are underfunded for their cybersecurity initiatives and have concerns about cost and tool overload. The survey revealed that most SLGs are not actively seeking upgrades or vendor consolidation. In fact, only 10% of respondents plan to focus on technology upgrades next year, while even fewer (8%) are looking into vendor consolidation. To optimize resources and streamline operations, SLGs should evaluate their current cybersecurity tech stack to ensure it aligns with their specific needs and objectives.

In SLGs, the primary source of funding for cybersecurity is local taxes, followed by state taxes and federal funding. Since 43% of respondents say they are underfunded, SLGs should explore diversifying their funding and look into other options, such as institutional grants and bonds. Despite budget cuts, 55% of respondents prioritize cybersecurity projects, highlighting the unwavering commitment to protecting critical assets.

Strengthening Cybersecurity Resilience

The Fortinet survey provides valuable insights into the cybersecurity landscape for state and local governments. By prioritizing training, addressing skill gaps, and optimizing their tech stacks, SLGs can enhance their security posture while navigating budget constraints. Here are some key takeaways for SLGs.

• Invest in comprehensive training programs: Continually educate employees about emerging threats and equip them with the skills to identify and respond to attacks effectively.
• Enhance alert monitoring capabilities: Implement robust monitoring systems to promptly detect and respond to security incidents, reducing the risk of prolonged breaches.
• Optimize the cybersecurity tech stack: Evaluate the current tech stack to eliminate redundant tools and ensure a cohesive, integrated approach to cybersecurity.
• Seek funding diversification: Explore opportunities for grants, bonds, and other alternative funding sources to supplement existing funding streams and bridge the resource gap.
• Prioritize cybersecurity during budget cuts: Maintain a steadfast focus on cybersecurity projects even in times of financial constraints, emphasizing the importance of protecting critical infrastructure and citizen data.

With a comprehensive and integrated security solution like the Fortinet Security Fabric, SLGs can effectively defend against cyberthreats, protect their networks, data, and critical infrastructure, and build a resilient cybersecurity posture for the future.

Learn more about the current cybersecurity landscape and state of security within SLG organizations by downloading the report.