Improving Cybersecurity in State Procurement
Technology is increasingly connected through cloud infrastructure making it more efficient and accessible, however more risk is taken on. States are migrating to Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS) solutions. The information and functionality of cloud-based state systems contain very sensitive material, in the event of a breach, it could be catastrophic. Expanding cyberattack vulnerabilities such as remote work, Internet of Things (IoT), and supply chain increases risk exponentially, and is not just data compromise, but real life implications. Ransomware can hold government funds hostage and halt vital government processes. The disruption can have a huge impact on beneficiaries who depend on these processes for survival. Cyber warfare can cripple an economy through attacks on supply chains and utilities. Critical government operations and IT have a mutually exclusive relationship. Comprehensive security procedures need to meet the demands of the ever-changing landscape of cybersecurity threats.
The threat of cyberattacks has never been higher and the potential fallout has never been more dangerous. The National Association of State Chief Information Officers (NASCIO) states in their 2021 Federal Advocacy Priorities that cybersecurity is no longer an IT issue but one that concerns all levels of government, “The risk poses devastating consequences to functions of society, economy, and national security.” The Center for Internet Security (CIS) produced the 2021 Cybersecurity Trends to Prepare For that features comments from leaders in cyber security to provide trends and forward-thinking strategies.
A recent paper produced as a collaborative effort between from the NASCIO, CIS, and NASPO, Buyer Be Aware – Integrating Cyber Security into the Acquisition Process tackles mitigation strategies such as market research, risk management, and enterprise architecture.
-Buyer Be Aware – Integrating Cyber Security into the Acquisition Process