State

NASCIO calls on states to develop advanced cyber analytics capabilities

A new report released Thursday from the National Association of State Chief Information Officers recommends states bolster their cyber defenses through advanced cybersecurity analytics.

By Jake Williams

April 21, 2016

With the global cost of cybercrime exceeding an estimated $375 billion annually, the National Association of State Chief Information Officers is calling on states to ramp up their cybersecurity programs and invest specifically in advanced cybersecurity analytics.

In a report released Thursday, NASCIO partnered with the U.S. Justice Department through a grant from the Bureau of Justice Assistance, to define advanced cybersecurity analytics and make the case to states for the need to invest in the technology now.

“We’re making a call to action to states and territories to make investment in cyber analytics a priority,” New Mexico Chief Information Officer and NASCIO President Darryl Ackley, said in a release.”

Cyber analytics applies “big data tools and techniques to capture, process and refine network activity data,” according to the report. In addition, it also includes the use of algorithms for near-real-time monitoring of network nodes and the use of visualization tools, allowing security and network operations center analysts to monitor cybersecurity-related activity.

If implemented fully, cyber analytics can reduce the time it takes to detect threats on state networks. It can also lessen the time it takes for states to respond — something especially important in an era of growing cyber threats, the report said.

“In the future, advanced persistent threats will become more and more sophisticated,” NASCIO executive director Doug Robinson said in a release. “States must move away from merely waiting for the next attack and respond to a more predictive stance in anticipating attacks so they can put necessary defense in place in advance.”

To get started, the report recommends states:

Develop a strategic plan for advanced cyber analytics
Build a team devoted specifically to cyber analytics including the state chief information officer and state chief information security officer
Put in place policies to share data across the enterprise
Build a real-time ecosystem for sharing threat intelligence and best practices
Implement a training program to ensure employee cybersecurity awareness
Establish collaborative relationships across agencies and sectors to ensure best practices on cyber

In NASCIO’s 2014 cybersecurity study with Deloitte, only 7 percent of states said they had fully implemented advanced cyber analytics. The association pointed to the successful implementation of the process in Maricopa County, Arizona and Miramar, Florida as well as other cities and agencies across the country.

The new report from the association builds on another cyber-related report released earlier this month that urged state CIOs to establish plans for how to handle cyberattacks on critical infrastructure.

Contact the reporter who wrote this story at jake.williams@statescoop.com and follow him on Twitter @JakeWilliamsDC.