Deloitte and The National Association of State Chief Information Officers (NASCIO) have published a 2020 Cybersecurity Study, "States at Risk: The Cybersecurity Imperative in Uncertain Times," Deloitte reported on Wednesday.
The study has been created through responses from 51 U.S. state and territory enterprise-level chief information security officers (CISOs). CISO participants answered 61 questions designed to characterize the enterprise-level strategy, governance and operation of security programs.
"The last six months have created new opportunities for cyber threats and amplified existing cybersecurity challenges for state governments," said Meredith Ward, director of policy and research at NASCIO.
The study reported that the pandemic has highlighted gaps in budget, talent and threats and the need for partnerships. Deloitte noted that collaboration with local governments and public higher education is key to mitigate cyber risk. Additionally, the report stated that CISOs should develop a centralized structure to improve cyber agility, effectiveness and efficiency.
The report stated that COVID-19 has made organizations face challenges within state IT and cybersecurity, including securing adequate budgets and talent and coordinating consistent security implementation across agencies.
Before the pandemic, 52 percent of respondents said less than five percent of staff worked remotely. Following the mass shift to telework, 35 states have had more than half of employees working remotely, and nine states have had more than 90 percent remote workers.
With COVID-19, there has been an increased need for cybersecurity; however, the report stated that fewer than 40 percent of states reported having a dedicated budget line item for cybersecurity, and 50 percent still allocate less than three percent of their total information technology budget on cybersecurity.
"The pandemic forced state governments to act quickly, not just in terms of public health and safety, but also with regard to cybersecurity," said Srini Subramanian, principal, Deloitte & Touche LLP, and state and local government advisory leader.