The three cybersecurity preparedness bills that Gov. Larry Hogan recently signed into law offer signs of hope and progress.
They will not only help protect us against cyber attacks like the ones that previously hit Maryland hard, but also fund a cyber preparedness unit. Just as importantly, Maryland government entities will have to conduct a cybersecurity assessment every two years.
As the executive director of the Cybersecurity Association of Maryland Inc. (CAMI), I’m often in a unique position to advocate for Maryland’s cybersecurity industry while connecting people and businesses to the resources they need. It is encouraging to see cybersecurity become more mainstream and get a renewed focus from our local, state and federal government. The recent bills reflect a state and local strategy that “levels up” to match the federal and private sector assets in Maryland.
All of this is necessary and will help align our state’s cybersecurity operations with industry best practices. An early 2022 Maryland Cybersecurity Council report found that 60% of surveyed state agencies did not complete a cyber risk assessment. The report also said that 40% of state agencies still rely on older legacy systems, while over half don’t have set objectives for post-attack recovery times.
While these bills provide the vital infrastructure and legal backing to improve our overall cybersecurity posture at the state level, we must also develop our cyber workforce in tandem. A workforce development “roadmap” will serve as a strong complement to the ambitious legislation at the tactical level.I also believe that our state should look inward for our workforce development.
While the threat landscape may seem dire, it’s encouraging that Maryland remains ahead of the cybersecurity curve. The state’s cybersecurity ecosystem is strong and well-positioned to safeguard against cyberattacks. It boasts an exciting mix of private and public organizations that sit on the frontlines of our nation’s cyber defense. This is possibly due to institutional support to Maryland’s cyber economy, including the state’s well-educated workforce, and its proximity to both DC and the National Security Agency. Maryland also boasts a strong military community, with Fort Meade, US Cyber Command and Aberdeen Proving Ground all calling Maryland home.
In fact, according to the Economic Alliance of Greater Baltimore (EAGB), Maryland commits more money per capita toward academic, federal and computer science research and development than any other state. The EAGB also stated that Maryland’s significant presence of historically Black colleges and universities make it a national leader in creating a diverse cyber workforce. This is all to our benefit and should be relied upon as we build a talent pipeline to not only fill the state’s nearly 22,000 open cyber jobs, but improve our state’s cyber readiness as well.
CAMI, which is also included in the Modernize Maryland Oversight Commission, is working to accomplish all of this. Our recent expansion of the membership program and creation of Centers of Excellence puts CAMI in a position to facilitate best practice-sharing to grow Maryland’s cybersecurity ecosystem. Additionally, it is important that those looking to enter the industry get connected with the numerous training resources that are available. It is our hope that, through continued collaboration and resource sharing, our workforce will exceed the need the current cyber threat landscape presents.
It is imperative that we continue growing our workforce and making Maryland, and the mid-Atlantic region as a whole, the home for our nation’s cybersecurity industry. This will ensure that the latest bills have the support they need for true implementation.