US govt urged to harmonise cybersecurity regulations

The US National Association of State CIOs (NASCIO) has welcomed a new report from the federal Government Accountability Office (GAO) affirming the need to harmonise disparate federal cybersecurity regulations.

NASCIO has made such harmonisation its top advocacy priority for 2020. According to the association, state governments must store data and exchange data with federal agencies and thus become subject to federal security regulations that govern the use and protection of shared data.

This has made compliance with disparate regulations an obstacle for state CIOs who are actively seeking savings for taxpayers through IT initiatives like consolidation and cost optimisation.

The GAO’s report calls on federal agencies to take steps to ensure they are collaborating on the refinement of cybersecurity requirements to state agencies “to the greatest extent possible”.

It also urges federal agencies to coordinate on assessments of state agencies’ cybersecurity posture.

“NASCIO has long advocated for federal cybersecurity requirements to be harmonised and applauds the findings in the GAO report,” NASCIO Executive Director Doug Robinson said.

“The hours and effort required by states to respond to several audits from different agencies with different security controls is burdensome, costly and negatively impacts states. We are hopeful that the federal agencies will heed the report’s recommendations and foster a much greater collaborative environment on these regulations.”

Image credit: ©stock.adobe.com/au/zentilia