The Answer to Ransomware? ‘Doubling Down on the Fundamentals’

NATIONAL HARBOR, Md. — Year after year, cybersecurity has topped the priority lists of IT leaders at all levels of government as they look to build the strongest enterprises possible.

When asked what the biggest obstacles are to turning the tide against the threat of ransomware at the NASCIO Midyear conference, a common refrain among CIOs was a need to drill down on the basics of cyber hygiene.

For Georgia CIO Shawnzia Thomas, “it still is education. Making sure our staff is trained on what to look for, links not to click on. Just basic education and making sure we’re making them aware of what’s out there and what’s to come.”

Nevada CIO Tim Galluzi also stressed the importance of employee training.

“Cybersecurity is a team sport …” he said. “Everybody has a responsibility to protect our state infrastructure because it could be as simple as clicking on an innocuous link in an email and now the entirety of the infrastructure is at risk.”

Those fundamentals are what Alaska CIO Bill Smith emphasizes as well. States can strengthen system backups or use AI to detect intrusions, but at the end of the day, he said, what agencies need to do is “[double] down on the fundamentals of basic cyber hygiene.”