State and Local Officials Stress Need for Better Coordination to Target Cyber Disruptions
Shutterstock
Training, technology and partnerships are critical to infrastructure defense, according to a new white paper, but do encryption and privacy concerns really stand in government’s way?
Cybersecurity was listed a “top challenge” in the 2016 National Issues Brief released in April, representing a growing concern among the 22 organizations comprising the National Homeland Security Consortium.
The National Emergency Management Association, International City / County Management Association and National Association of State Chief Information Officers all endorsed the white paper highlighting the “highly technical” threat.
Sufficiently trained cyber personnel and cross-sector collaboration are high priorities for the state, local and private officials’ worried about cyber disruptions—causing or coinciding with natural disasters—according to the brief:
The physical consequences of a cyber-attack, particularly on our critical infrastructure and interdependent systems, would be significant and could stress even the most prepared jurisdictions. Managing the consequences of a cyber-attack requires cooperation and coordination among many disparate agencies and the private sector. Federal, state and local governments, and the private sector should work together to generate sound policy solutions, operational coordination, and mutually agreed upon objectives that ensure the security of connected networks and systems without sacrificing privacy and economic values.
NASCIO, as Route Fifty reported, recently issued a Cyber Disruption Response Planning guidance for states and is also pushing for their governments to develop advanced cyber analytics.
With cyber attacks constantly evolving, states must facilitate data sharing between their agencies’ security tools.
“In the future, advanced persistent threats will become more and more sophisticated,” Doug Robinson, NASCIO’s executive director, said in a statement. “States must move away from merely waiting for the next attack and respond to a more predictive stance in anticipating attacks so they can put necessary defense in place in advance.”
Connecticut, Illinois, Louisiana, Nevada and Oregon will develop a comprehensive, implementable cybersecurity plan during a policy academy announced Thursday by the National Governors Association. The NGA created the Governors Homeland Security Advisors Council, another sponsor of the issues brief.
NGA’s policy academy will look at better safeguarding communications networks, databases, and payment and tax system critical infrastructure, as well as prosecuting cyber crimes.
“Cyber threats affect everyone from law enforcement, public works and energy agencies, to financial and communications sectors and ultimately, citizens of every state,” Michigan Gov. Rick Snyder, who co-chairs NGA’s Resource Center for State Cybersecurity, said in the announcement. “This policy academy will help states develop strategic plans to enhance their cybersecurity capabilities and improve incident response planning.”
The white paper argues new encryption methods and privacy and transparency concerns have hindered the adoption of cyber technology and intelligence sharing.
In April, the Major Cities Chiefs Association, which is part of the National Homeland Security Consortium, threw its support behind a new bipartisan encryption bill that came out of the U.S. Senate Intelligence Committee, the Compliance With Court Orders Act of 2016. The legislation grants law enforcement access to encrypted data at U.S. companies and service providers, and opponents argue it effectively outlaws encryption altogether.
“The recent attacks in Paris and San Bernardino demonstrate the urgent need to grant law enforcement lawful access to cell phone data in criminal and terrorist cases,” MCCA President J. Thomas Manger, who is chief of the Montgomery County, Maryland, police department, said in the announcement. “We support the proposed legislation that grants access to encrypted information and will lead law enforcement to victims in danger and the criminals who would do them harm.”
MCCA also put out a report lamenting law enforcement “rapidly losing the capability to lawfully obtain information necessary to protect the public from crime and violence.”
Law enforcement agencies aren’t the only ones worried about cybersecurity. A representative for the International Association of Fire Chiefs, which is another National Homeland Security Consortium member, testified before the U.S. House Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies of the Committee on Homeland Security in April..
The fire chief in Plano, Texas, Sam Greif, requested Congress put $45.6 million in federal funds toward first responder cyber threat education, in addition to grants promoting fusion center operations.
“Cybercrime and cyber attacks are becoming a more prevalent threat to the American homeland,” Greif said in his testimony. “However, the fire and emergency service is just beginning to recognize how these threats can affect our operations.”
Dave Nyczepir is a News Editor at Government’s Executive’s Route Fifty.
NEXT STORY: The Internet of Things and Cities: A Billion Points of Policy