The National Conference of State Legislatures wants the federal government to allow state and local governments to implement strategies to deal with cybersecurity.
In a response to a request for information from the National Institute of Standards and Technology, NCSL called on federal officials to allow states to make their own policies, due to the ever-growing awareness of state governments on the issue of cybersecurity.
“States are diverse and active participants in the security and resiliency of their state digital networks,” the association wrote in their comments. “Legislators are becoming more aware of the threats posed to their digital infrastructure and the evolving sophistication of criminal actors, which will help inform appropriations to protect those systems.”
In the comments, the association said that due to the diversity of states and how they deal with cybersecurity, they need the “flexibility” to employ different strategies and practices to address the “unique challenges of their state.”
The comments on the RFI, submitted September 9, also touch on state governance on issues such as critical infrastructure, cyber insurance, workforce development, identity and access management, public awareness and education. In the comments, NCSL pointed to is creation of a task force on cybersecurity earlier in the year.
That task force discusses challenges and solutions in the digital realm, and informs policy leaders of challenges facing cybersecurity. It also attempts to integrate private sector leaders into the discussion.
The NCLS said legislators are beginning to respond with solutions, and are accepting cybersecurity as part of regular oversight by working to combat issues such as identity theft, security breaches, spyware, phishing and computer crime.
The NIST RFI came as part of the agency’s efforts to provide President Barack Obama’s Commission on Enhancing National Cybersecurity with technical and expert support from the private sector, associations, as well as state and local governments.