Attacks Rise on State Web Sites

State officials report a significant increase in nuisance attacks of domestic origin on their Web sites and networks in the past year, Rock Regan, president of the National Association of State Chief Information Officers, said Nov. 14.The attacks have largely been worms and viruses and the flooding of networks, Regan told reporters at the association's Forum on Security and Critical Infrastructure Protection, held Nov. 13-14 in Dulles, Va. Regan is CIO of Connecticut.There have been no reports of major attacks by international groups on state Web sites. The association is developing an agenda for a comprehensive security and critical infrastructure protection plan for all states. The plan, to be available in December, will include guiding principles and specific activities that address systems architecture, funding and legislation, association leaders said. A major part of the plan is the creation of a mechanism for states to share ideas and strategies for network security and protection of IT infrastructures. Chris Dixon, NASCIO's digital government coordinator, said the information sharing initiative will rely as much as possible on existing federal administrative and funding resources."NASCIO will avoid duplicating any existing efforts. We will use any alert, warning and analysis capabilities that the federal government will make available to us through their own sources," Dixon told Washington Technology.State government approaches to cybersecurity vary widely, said Regan, adding these governments should strive to be in a preventive rather than reactionary mode. He called on the federal government to provide states with research and development funding and assistance for cybersecurity and infrastructure protection. Regan voiced a common complaint by state officials: The federal government's piecemeal approach to funding state programs does not allow states to take a coordinated approach to efforts, such as security and infrastructure protection, that crosses agency lines and involves the entire government "enterprise.""We need to have the freedom [to determine] how money comes to us and is spent," Regan said.NASCIO will work with the federal Office of Homeland Security, which sent a representative to the meeting, to frame the key security and infrastructure protection issues facing federal, state and local governments, Regan said.The meeting was hosted by the PricewaterhouseCoopers Endowment for the Business of Government, a nonprofit arm of the New York-based company.