As cyberattacks become more prevalent and sophisticated, state governments are finding it difficult to come up with the finances, skilled staff and other resources they need to combat this serious threat.

That was among the warnings in the latest biennial cybersecurity study from Deloitte and Touche, the world’s leading professional services network, and the National Association of State Chief Information Officers, released last fall.

The report warns that as state leaders become increasingly dependent on information technology and connectivity to operate their government, hackers have more opportunities to penetrate their systems and work their devious schemes.

State governments — and of course, city and county governments as well — are increasingly storing vital information on servers or on what’s known as the “Internet of Things,” devices connected to the internet that can collect and exchange data. That dependence increases vulnerability to cyberattacks.

The growth of artificial intelligence throws another complication into the mix, making it easier to run phishing scams and audio and visual deepfakes.

Dangers lurk everywhere in cyberspace; the more dependent we become on our high-tech devices, the greater the need for vigilance and defensive measures.

State CISOs — chief information security officers — are on the front lines in this campaign to protect the finances and services of state governments. They are the people largely responsible for coming up with ways to protect the state’s information and for limiting the damages when a breach occurs.

Increasingly, the study found, these officers are finding it difficult to get the financial support they need from state governments, including for projects designed to make state offices compliant with laws and regulations.

Another problem is finding enough people skilled in cybersecurity to staff critical positions. Across the nation, the CISOs often suffer burnout in their high-stress jobs. Turnover in the top information security position is a problem in many states.

Virginia has been fortunate in this regard. The commonwealth’s CiISO, Michael Watson, has been in that job since 2012, receiving national awards for his work.

That’s no reason for the state to be complacent, however. As the risks of cybersecurity attacks grow and evolve, the legislature must not skimp on the resources needed to keep information security efforts strong and vigilant for new threats.

Virginia is doing a lot right. It is one of several states that have a collaborative approach to involve lawmakers, the tech industry, academics and business owners in efforts to keep tabs on the growth of AI and what that means.

Virginia also is one of the states whose laws address data privacy and protect misuse of consumers’ data, including by AI systems.

State leaders should continue to keep abreast of what’s working elsewhere and enact laws and regulations to provide added protection.

Many states are not only implementing strategies to guard against attacks by AI; they are also looking into ways to add AI to their arsenal of weapons to protect security.

All these defense strategies will require adequate funding, with the needs likely to increase as cyber criminals become ever more skilled. This is one area where the state cannot afford to skimp. Just about everything that goes on in state government involves information storage and finances, and thus is a potential target for damaging cyberattacks.

Municipal governments face these challenges too. As the commonwealth works to stay ahead of the ever-evolving cyber threats, officials should also do whatever they can to help city and county governments shore up security. Support should include sharing information and strategies as well as supplementing finances when possible.

Another part of the strategy could be working to encourage and make it easier for young people to prepare for cybersecurity jobs.

It’s a reality of 21st century life that we are increasingly dependent on the internet and other manifestations of our era’s rapid development of new and more powerful technology. The new technologies can do much good, but also, if misused, a great deal of harm. The state must build and maintain strong defenses.

_____

©2025 The Virginian-Pilot. Visit at pilotonline.com. Distributed by Tribune Content Agency, LLC.