States to ramp up cybersecurity information sharing.

• Author: Insinna, Valerie
• Position: Homeland Security News

* Cybersecurity has long been seen as a federal domain, but an initiative announced by the National Governors Association seeks to shift the discussion to the state level.

[ILLUSTRATION OMITTED]

The newly created Resource Center for State Cybersecurity will be led by Maryland Gov. Martin O'Malley (D) and Michigan Gov. Rick Snyder (R) and will focus on what states can do in the face of a growing cybersecurity threat.

"It's more than just encrypt your Black-Berry and do good computer hygiene," said Thomas MacLellan, the division director for the association's homeland security and public safety division. "There's a lot more governors could and should be doing."

The first stage of the project involves the creation of the National Policy Council on State Cybersecurity, which will comprise about 25 individuals from private industry and federal agencies and include participation from the Departments of Defense and Homeland Security.

The council will share information on statewide cybersecurity problems and resources, and ultimately will draft a policy framework for governors to put into action. MacLellan said the association would begin identifying members for the council in the coming weeks.

In August, Senate Republicans blocked an Obama administration-approved cyber-security bill. The U.S. Chamber of Commerce--which feared the bill would over regulate industry--lobbied against it. With cybersecurity legislation on the Hill in limbo, MacLellan said he's aware of the need to get private companies on board.

"We're looking at those issues right from the outset, and that's why having private industry at the table at the formation of this is going to be essential," he said.

The association has already engaged some individual businesses and the Information Technology Industry Council, a lobbying organization for technology companies including Apple Inc. and Google Inc., MacLellan said.

Statewide critical infrastructure and key resource assets, which include the electrical grid, banking industry and transportation systems, have become more vulnerable to cyber-attacks as they become increasingly connected to the Internet. MacLellan said about 85 percent of these assets are owned by the private sector, which increases the importance of cooperation. Without their participation, he said, "You're not going to get the type of security that you need."

After the council establishes a policy framework, the focus will change to implementation, which will be...