Only 24% of state chief information officers feel very confident about their ability to protect their state's assets against external threats, while just 32% feel that their staffs have the required cyber security competency, according to a biannual survey issued Tuesday by Deloitte & Touche L.L.P. and the National Association of State Chief Information Officers.

The survey of 48 state chief information officers and their equivalents in two territories also found that although 70% have reported a breach, just 14% feel they have received the appropriate executive commitment and adequate funding for cyber security.

Other barriers faced in addressing cyber security in addition to lack of sufficient funding were:

• The increasing sophistication of threats, cited by 52%;

• The inadequate availability of cyber security professionals, cited by 46%;

• The lack of visibility and influence within the enterprise, cited by 42%; and

• Emerging technologies, which was cited by 36%.

In their announcement of the survey, New York-based Deloitte and Lexington, Ky.-based NASCIO said the top four threats anticipated by the chief information state officers in 2013 are:

• Phishing and related variants;

• Social engineering;

• The increasing sophistication and proliferation of threats, such as viruses and worms; and

• Mobile devices.

%%BREAK%%

Siri Subramanian, Harrisburg, Pa.,-based principal at Deloitte, and a leader of its security and privacy practice to state governments, said in a statement, “Through the programs and services they deliver, states have become enormous repositories of citizen data. As such, the privacy of individual citizens is contingent on adequate IT safeguards.

“Citizen trust in government is severely impacted when the data is compromised and hence it is not just an information technology issue, but an issue that could adversely impact elected officials and the credibility of governments.”

Copies of the report, “2012 Deloitte-NASCIO Cybersecurity Study,” are available www.deloitte.com/us/nascio here.