LEXINGTON, Ky., Thursday, December 3, 2020 — Yesterday, Denis Goulet, the National Association of State Chief Information Officers (NASCIO) president, testified before the United States Senate Subcommittee on Federal Spending Oversight and Emergency Management of the Committee on Homeland Security and Governmental Affairs. The Subcommittee is led by Chairman Rand Paul (R-KY) and Ranking Member Maggie Hassan (D-NH).
The hearing, titled State and Local Cybersecurity: Defending Our Communities from Cyber Threats amid COVID-19, focused on the cybersecurity challenges facing state and local government systems. Goulet, who is also the Commissioner of the Department of Technology for the State of New Hampshire, said in his testimony, “inadequate resources for cybersecurity has been the most significant challenge facing state and local governments, even prior to the COVID-19 pandemic.” He urged Congress to pass a dedicated cybersecurity grant program for state and local governments, calling it “long overdue.”
Goulet highlighted a whole-of-state approach saying, “more than 90 percent of CIOs are responsible for their state’s cybersecurity posture and policies. In collaboration with their chief information security officers (CISOs), whose role has expanded and matured in recent years, CIOs have taken numerous initiatives to enhance the status of the cybersecurity program and environment in their states. I believe these initiatives are also fundamentally crucial as Congress considers the implementation of a cybersecurity grant program for state and local governments.” Goulet also called for the importance of adoption of a cybersecurity strategic plan, a cyber disruption plan, cyber insurance, cybersecurity awareness training and the adoption of the NIST Cybersecurity Framework.
Goulet described how cybersecurity has crossed boundary lines as state and local governments continue to work with each other. He said, “under-resourced and under-staffed local governments continue to remain an easy target for cyber-attacks. Due to the combination of a whole-of-state approach to cybersecurity and the proliferation of numerous high-profile ransomware attacks across the country, state CIOs have significantly increased collaboration with local governments to enhance their cybersecurity posture and resilience.”
To read Goulet’s full testimony, please click here.
Director of Policy and Research
National Association of State Chief Information Officers