The majority of state and local health and human services departments have adopted a cybersecurity framework that incorporates national standards, according to a joint survey by CompTIA and the American Public Human Services Association.
For the survey, CompTIA and APHSA asked experts from state and local health and human services departments about IT challenges and trends they've detected at their agencies. The survey was supplemented with in-depth telephone and in-person interviews to provide additional context.
Here are nine cybersecurity components state and local health and human services departments said they have adopted.
1. Adopted a cybersecurity framework based on national standards and guidelines: 79 percent
2. Created a culture of information security in state government: 74 percent
2. Developed security awareness training for workers and contractors: 74 percent
4. Adopted a cybersecurity strategic plan: 63 percent
4. Acquired and implemented continuous vulnerability monitoring capabilities: 63 percent
6. Established trusted partnerships for information sharing and response: 58 percent
7. Documented the effectiveness of cybersecurity programs with metrics and testing: 42 percent
8. Developed a cybersecurity disruption and response plan: 32 percent
9. Obtained cyber insurance: 21 percent
To access the full survey, click here.