Ohio is one of seven states selected by the National Governors Association to participate in a partnership to advance cybersecurity. 

The main goal is to develop strategies to enhance statewide cybersecurity, particularly at a local level. 

"Every local government, no matter its size, uses technology to serve its citizens," said Governor Mike DeWine. "By assisting local governments in implementing proven cybersecurity controls, we are helping reduce the risk to their systems and their communities."

The Ohio Department of Administrative Services will lead Ohio's efforts. Their goal will be to identify ways to empower locals to better leverage existing financial and staffing resources to increase their overall security. 

"Our focus will be on prioritizing cybersecurity controls so local governments can effectively apply their resources to protect their systems," said DAS Director Matt Damschroder. "By implementing preventative measures such as vulnerability management and system configuration, we reduce the need for more expensive fixes after an incident."

Damschroder noted that fully implementing the six basic controls established by the Center for Internet Security will stop 85% of cybersecurity threats. Those controls are:

  • Inventory and control of hardware assets
  • Inventory and control of software assets
  • Continuous vulnerability management
  • Controlled use of administrative privileges
  • Secure configuration for hardware and software on mobile devices, laptops, workstations, and servers
  • Maintenance, monitoring, and analysis of audit logs

The workgroup is expected to meet from July through December 2019. The other states and territories working with staff from the Homeland Security and Public Safety division of NGA Solutions: Arkansas, Guam, Louisiana, Maryland, Massachusetts, and Washington.