Too often in the broader cybersecurity discussion the fact is lost that state and local governments are some of the most vulnerable and sought after targets of cybercrime. While much of the discussion focuses on securing federal systems and data, what government officials must keep in mind is that states and localities manage an exceptional amount of personally identifiable information that by all accounts exceeds the amount of information the federal government maintains. Additionally, many state and local governments continue to run on outdated legacy technology, which can lend itself to security vulnerabilities.
The IT Alliance for Public Sector (ITAPS) has continued to urge state legislators to make adequate funding available to a threat that is increasing exponentially. That is the case in Minnesota, where ITAPS recently sent a letter supporting Governor Mark Dayton’s (D) much-needed request for information technology (IT) upgrades in his 2018-2019 budget proposal. These enhancements would help greatly improve the security posture in Minnesota. They include a $74 million increase in cybersecurity funding, $51 million for upgrades to legacy IT systems and IT infrastructure, and $60 million for rural broadband deployment.
Threats to state government systems are becoming increasingly frequent and sophisticated, and ignoring such a proliferation in criminal capability could prove catastrophic. To mitigate some of these new challenges, increased funding is required to bolster the state’s cybersecurity posture and resiliency.
Additionally, the benefits of updating legacy IT systems and increasing funding for cybersecurity far outweigh the cost that the state will incur if left unaddressed. Outdated IT systems lend themselves to operational inefficiencies, dissatisfied constituents, increased maintenance cost, and can increase cybersecurity vulnerabilities. The older an IT system gets, the more vulnerable it is to attacks, many of which go undetected until it is too late. So it is imperative that state IT systems be modernized to improve the ability to withstand attacks. Overall, these funds would have the benefit of supporting the creation, enhancement and extension of state-wide IT capabilities, and increase the potential for significant long-term savings.
Like many states, Minnesota requires additional cybersecurity resources, and when budgeting two years out, through 2019, it is all but assured that the threat will only increase if the state is not provided this funding. We continue to urge the Minnesota legislature to take these threats seriously and to invest in long-term savings by acting now and not in reaction to the inevitable cybersecurity event.