Written by Benjamin Freed
While state and local tech officials are still awaiting guidance from the federal government on how a new billion-dollar cybersecurity grant program will work, some local governments are concerned about whether they will benefit. money, government IT experts said Thursday.
Alan Shark, executive director of CompTIA’s Public Technology Institute, said at an online event that the grant program’s competitive process — states will redistribute 80% of their total grants to their political subdivisions that apply for assistance — could have smaller and less resourced communities. ask “familiar” questions.
“’What if I don’t have the expertise to apply for these grants? Are we going to be left out? Said Shark.
Cloud trends, telecommuting
Shark made the comments during an annual briefing, co-hosted with Doug Robinson, executive director of the National Association of State Chief Information Officers, on the year ahead for state and local IT. Both gave insight into what members of their organizations expect to focus on in 2022, including retaining tech talent in the public sector workforce, greater modernization – especially of unemployment insurance systems, which have spent the pandemic battered by high demand and riddled with fraud — and using new federal funds for broadband expansion.
Robinson said only about half of the states have invested in “modern” unemployment platforms, many of which still run on decades-old mainframes. But many other state government leaders have become comfortable with the shift to cloud services, he said.
“Ten years ago, states were primarily opposed to cloud platforms because of security concerns,” Robinson said. “Now they realize that these cloud environments are more secure than these on-premises solutions.”
Shark, meanwhile, said he expects members of his local government “to have to outsource more than ever,” especially as cybersecurity remains a major and growing concern and reliance on services cloud increases. He also pointed to what he called a growing workforce crisis as more workers consider quitting, especially as organizations roll back their work-from-home policies in the age of the pandemic.
“Removing remote work is a bit problematic for retaining people,” he said. “For the first time, they’re saying it’s not always money. That’s the burnout factor, spending hours without feeling appreciated.
“Room to grow”
But it’s on cybersecurity and the new grant programs that many questions remain. Shark cited a recent CompTIA survey finding that more than half of its members rate their cybersecurity relationships with their state governments as “fair” or “poor,” though the upcoming grant program may remedy that. these splits.
“There is room to grow. We hope we can find mechanisms,” he said. “Maybe grant programs can help with that.”
Robinson noted that getting advice on the subsidy program, which was passed last year as part of a $1.2 trillion infrastructure spending plan, is a top priority. federal NASCIO and that the Cybersecurity and Infrastructure Security Agency is working with the Federal Emergency Management Agency — which administers the $1 billion program — on developing guidelines. (CISA Director Jen Easterly confirmed this last week.)
But Robinson also said that because the first $200 million tranche of the grant program won’t land in state coffers until very late in the current fiscal year, it’s “essentially a mistake of rounding” for budgets, which impacts how governments use the money.
“I think many states will focus on risk assessments and vulnerability assessments and hygiene outlooks,” he said. “They’ll want to know what’s going on in the field before they start spending on boxes.”
Shark responded that while governments are waiting for grants, there is work that can be done ahead of time.
“Now is the time to take stock,” he said. “Find out what your shopping list is and start developing the rationale for it so you can see how it lines up. It starts with inventory and asset control.