The awareness and focus on cybersecurity has increased but a Federal Emergency Management Agency report found that states ranked cyber last among 31 critical areas of readiness, GCN reports.
In its National Preparedness Report, FEMA said most stakeholders responsible for protecting the critical infrastructure have put cyber upfront as a priority concern.
Government funding has not followed the need and meager amounts of federal grants have been awarded to aid cybersecurity programs, the report said.
FEMA’s annual assessment of the nation’s preparedness to respond to varying disasters found public health and medical services to be the top areas states indicated readiness in out of 31.
Close behind medical preparedness, organizations ranked operational coordination, followed by operational communications capabilities.
The 56 surveyed states and territories ranked their preparedness for cyber events, housing, natural and cultural resources and economic recovery at the bottom.
According to the report, this was the first year cyber and ability to repair compromised electronic systems was included in the list of core competencies entities ranked their preparedness for.
The U.S. Computer Emergency Readiness Team, which agencies report malicious activity to, saw a 650 percent increase of cyber incidents over a five year period from 2006 to 2010.
According to FEMA, half of owners and operators at high-priority facilities report cyber incidents externally.
FEMA also noted federal and private sector efforts to improve cybersecurity in the report, including the expansion of the Joint Cybersecurity Services pilot and Defense Industrial Base pilot.
Both programs aim to increase information sharing between government and companies to protect sensitive information within the Defense Department and intellectual property.
FEMA said despite many of these efforts, cyber capabilities lag at the state level and that most states have made little or not progress.
State cyber capabilities may be lagging since they have yet to be subject to an incident necessitating improvement, according to the report.
Often states improve processes to respond to disasters based on actual events such as the Sept. 11, 2001 terrorist attacks, FEMA said.
A Grant Thorton-Tech America survey found cybersecurity to be a top concern for 40 federal chief information officers, with some suggesting cyber could improve with more internal security audits, network operations security centers.