The IT Alliance for Public Sectorâs State Cybersecurity Principals and Best Practices document calls on state governments to establish partnerships with industry through the procurement of IT products and services equipped with security tools and development of terms and conditions that seek to address data breaches, Liam Crawford writes in an ITAPS blog post published June 15.
ITAPS also recommends state government agencies implement security standards that the private sector recognizes as well as standardize security of cloud services and leverage the Federal Risk and Authorization Management Program and other federal certification initiatives, according to the document.
States should also set up a governance structure that provides the chief information security officer authority to make data security requirements and critical decisions.
ITAPS also said state governments should facilitate sharing of cyber threat information through involvement in the Multi-State Information Sharing and Analysis Center and fusion centers as well as provide funds in support of workforce education and training on information security.