| | DECEMBER 20199CIOReviewAnd, while there is interest from the federal level and some states to provide support and guidance to local governments, organizations of their size struggle to understand both what it means to work in the local government space as well as how to help such a diverse set of entities. Because large-well-staffed organizations have trouble understanding our issues,they struggle to understand how they can help. This lack of understanding often results in well-meaning deliverables that are not useful. With all of these seemingly insurmountable hurdles facing local's ability to improve individual cyber security programs, there is one essential thing we have in our favor­our willingness to collaborate. Collaboration is a means to at least two important ends. First, collaboration provides the lone (and often lonely) staff doing cyber security an opportunity to work with peers and create virtual teams. This ensures we are not wasting time reinventing processes or doing research a trusted peer has already done. Second, collaboration provides a way for our organizations to unite so that collectively we rival the size and influence of any major corporation garnering respect and negotiating power.Collaboration doesn't require that you have skills or knowledge to share, but it is not free. Collaboration requires effort and an ongoing commitment to work with others and become more knowledgeable. It is not something that happens for you or to you. It is adecision made; it is a set of actions taken to partner with othersto develop a set of goals and value propositions that benefits the whole.Collaboration is a force multiplier.And, let's be honest-collaboration is not optional. Collaboration is the only method that will support all local governments maneuvering to a place of sufficient cyber security in an economical manner. Partnering means we each don't have to build out our own extensive and expensive cyber security team, instead we can build teams that span jurisdictions and include all the expertise we collectively require. I have the sincere pleasure to be partnering with a wonderful team of locals from jurisdictions all over the state of Colorado who are each working to improve their respective organizations cyber security program. I am a part of an rewarding virtual team that emails me advice when I ask for it, jumps for joy with me when things have gone well, commiserates with me when I've had a failure, and whom I trust unreservedly to be there if and when I need their help. I am endlessly grateful for each of them every day and my organization is more secure because of these relationships.If you are in local government and you are not actively collaborating today, start-now. If you don't know where to start, here are 2 ideas to get you going:· Join MS-ISAC. (https://learn.cisecurity.org/ms-isac-registration) It is FREE and the most valuable organization facilitating state, local, tribal and territorial collaboration with the purpose of improving the overall cyber security posture of government across the nation. · Make your own group. As you meet people at conferences, keep in touch and work together. If you don't have contacts, MS-ISAC can help you identify contacts within your own state to get you started­email them at SOC@cisecurity.orgI stand by my statement that there is no harder place to "do cyber security" than in local government, but there is also no more rewarding space to be in for cyber. Jill Fraser
< Page 8 | Page 10 >