National Governors Association Survey: Cybersecurity Biggest Threat To States

Of all the concerns keeping Governors’ Homeland Security Advisors up at night, cybersecurity ranks top of the list.

According to the 2017 online survey of the Governors Homeland Security Advisors Council–GHSAC–Homeland Security Advisors–HSAs–say there is a significant gap between states’ concern over cyber threats and confidence in their ability to respond to those threats. Equally troubling, the survey found that very few states have developed a metric system to evaluate the effectiveness of their cyber strategies or their ability to respond to an attack.

HSAs likely have good reason to worry. Of the 44 respondents, 69 percent of them had already addressed a cybersecurity incident since becoming an HSA, and they’re likely to face more yet. Over the last two decades, it’s become abundantly clear that cybersecurity was never just an abstract threat to credit card companies–it’s a state and Federal issue that could directly affect the lives of millions of Americans. As evidenced by recent attacks, hackers’ paths of destruction are only limited by their imagination, and their imagination seems fairly boundless.

Last year we learned that Russian hackers targeted–and penetrated–U.S. nuclear power plants’ networks as far back as 2016; a Buffalo, N.Y. hospital was taken offline for six weeks last year, when hackers demanded a measly ransom of $44,000 in bitcoin; and in one of the most dramatic displays of cyber force, Russian hackers took down a Ukrainian power grid back in 2015, purportedly as a test run.

The good news, however, is that roughly half of those surveyed said they were largely “satisfied” with their relationships with Federal agencies, including the DHS, FBI, National Guard Bureau, and FEMA.

The survey–meant to gather information about state homeland security concerns and HSA roles–found that of the HSAs respondents, 90 percent held other positions in state government, and nearly all had more than a decade of experience either in law enforcement or emergency management. The survey also found that HSAs typically oversee management and strategy issues rather than tactics.

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__atuvc	1 year 1 month	AddThis sets this cookie to ensure that the updated count is seen when one shares a page and returns to it, before the share count cache is updated.
__atuvs	30 minutes	AddThis sets this cookie to ensure that the updated count is seen when one shares a page and returns to it, before the share count cache is updated.

Cookie	Duration	Description
at-rand	never	AddThis sets this cookie to track page visits, sources of traffic and share counts.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
uvc	1 year 1 month	Set by addthis.com to determine the usage of addthis.com service.
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
__gads	1 year 24 days	The __gads cookie, set by Google, is stored under DoubleClick domain and tracks the number of times users see an advert, measures the success of the campaign and calculates its revenue. This cookie can only be read from the domain they are set on and will not track any data while browsing through other sites.

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
loc	1 year 1 month	AddThis sets this geolocation cookie to help understand the location of users who share the information.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
_mkto_trk	2 years	This cookie, provided by Marketo, has information (such as a unique user ID) that is used to track the user's site usage. The cookies set by Marketo are readable only by Marketo.

Cookie	Duration	Description
GoogleAdServingTest	session	No description
xtc	1 year 1 month	No description