Deloitte: Cybersecurity Study Sees Escalating Threats

By Rob Starr, Content Manager, Big4.com

According to the just-released 2012 Deloitte-National Association of State Chief Information Officers (NASCIO) Cybersecurity Study  www.deloitte.com/us/nascio ,  less than one quarter (24 percent)²  of chief information security officers (CISOs) are very confident in their states’ ability to guard data against external threats.

Other findings include the fact that more than four out of five (86 percent) CISOs reported that insufficient funding posed the most significant barrier to addressing cyber security issues at the state level. As well, A parallel survey targeting a limited cross-section of state business and elected officials shows that cyber security is indeed on their radar – 92 percent of respondents ranked cyber security as “most important” or “very important.”

Based on the findings, one of the recommendations provided by Deloitte and NASCIO is for CISOs to develop a network of business stakeholder advocates across state government offices and agencies. When CISOs communicate strategies and report on risks, progress and results to business stakeholders within government, there is a potential for an increased rate of budget support for cyber security initiatives.

Deloitte, in conjunction with NASCIO, conducted an online survey of CISOs and state officials in July and August of 2012. Survey respondents included 50 CISOs or equivalents responsible for the security oversight of 48 states and two U.S. territories. CISOs surveyed were at the U.S. state enterprise-level, with the majority (63 percent) identified as Chief Information Security Officers; alternate designations included Security or IT Director and Acting or Interim CISO.  Four of the respondents were CIOs.