Connecticut Governor Dannel Malloy has released a new cybersecurity strategy for the state. The strategy was produced through the Department of Administrative Services (DAS) by the state’s Chief Cybersecurity Risk Officer Arthur House and Chief Information Officer Mark Raymond. The Governor created the position of Chief Cybersecurity Risk Officer last year and charged House with creating this strategy as his first priority.
The strategy is broken down into seven key principles – leadership, literacy, preparation, response, recovery, communication and verification, which officials say can be applied to every person and entity in Connecticut.
The strategy was published along with an extensive report on the overall cybersecurity preparedness of Connecticut. The report breaks the state into five main groups in order to address the current state of cybersecurity efforts. The five groups are: state government; municipalities; business; higher education and law enforcement. From there the report highlights the challenges facing each group and makes recommendations in line with the seven principles.
Report authors suggest that robust cybersecurity “can become a Connecticut hallmark” if everyone makes an effort to implement the strategy.
The strategy will be followed by an action plan that will go into greater detail about what state officials plan to do to make cyberspace safer in Connecticut. The Department of Emergency Services and Public Protection – through the Connecticut State Police, the Connecticut Intelligence Center, and the Division of Emergency Management and Homeland Security – will have a significant role in the plan’s implementation, according to the governor’s office.
Connecticut is the latest state to announce a significant cybersecurity effort. Govs. Terry McAuliffe (D-Va.) and Brian Sandoval (R-Nev.) have made cybersecurity a focal point of their leadership of the National Governor’s Association and are working with several states to help them build policies. Last October, CivSource spoke with Governor McAuliffe about his cybersecurity playbook which he hopes will serve as a guide for state leaders.