Table of Contents
- Executive Summary
- Chapter 1: Introduction
- Chapter 2: Three Approaches
- Chapter 3: Lessons for State Policymakers
- Chapter 4: Recommendations for the Federal Government
- Appendix I: Methodology
- Appendix II: Arizona and the Arizona Cyber Threat Response Alliance (ACTRA): The Community Approach
- Appendix III: New Jersey & The New Jersey Cybersecurity & Communications Integration Cell (NJCCIC): The Bureaucratic Superstructure Approach
- Appendix IV: Washington State: The Multidisciplinary Approach
- Appendix V: Full List of Interviews
Appendix I: Methodology
This report seeks to answer three questions:
- What has been achieved in managing cybersecurity needs at the state level?
- What are the challenges states face in doing so?
- What are the dependencies that have supported those successes?
In order to examine each case in detail and gain a deep understanding of the specific needs and environments affecting each set of choices, the authors have focused on three states: Arizona, New Jersey, and Washington. These states were chosen for their diversity of approach, maturity (demonstrated success over time), and scalability (capacity for duplication in other states seeking to improve or begin cybersecurity program(s).