The new initiative is led by the National Governors Association and will convene private- and public-sector groups with the common goal of bolstering state government cybersecurity planning and infrastructure.
Indiana, North Carolina, West Virginia and Wisconsin will soon receive some extra help improving state cybersecurity plans and infrastructure.
The National Governors Association announced this week that the four states have been selected through a new initiative called the Policy Academy on Implementing State Cybersecurity.
Jeffrey McLeod, director of the NGA's Homeland Security & Public Safety division, said the four states were selected because they were the "best in terms of need and fit."
All four have strong support from their governors and resources dedicated to cybersecurity, but there's still work to be done in implementing the plans, he said.
"We're looking for states who already have some planning in place — they have maybe some response plan or some governance plan, and they're at the point now where they want to implement that successfully or maybe just receive support for ongoing efforts to do that," McLeod said.
Between now and next April, officials from the four states will attend two in-state workshops. Participants will also gather before the end of the program for a final meeting to share lessons learned, McLeod said. The NGA academy will convene "industry experts, federal officials, private sector experts, research organizations, and academia" to develop and share best practices, the group says.
The initiative is led by the NGA's Resource Center for State Cybersecurity, which was created in 2012. The center's biggest accomplishment since then, McLeod said, has been to raise the profile of cybersecurity among the nation's governors. Thirty-eight governors signed a 2017 cybersecurity compact pledging to improve IT security of state systems.
Commitments are a starting point, McLeod said; following through on those cybersecurity plans is the next step.
"Fundamentally, one of the biggest challenges we see across states is the governance issue, identifying roles and responsibilities, making sure that it's clear how the CIO, the CISO, the governors, homeland security adviser, and other stakeholders are going to work together," McLeod said.