The types of information that state & local governments collect – including sensitive individual information and the governments’ own business transactions— can entice cybercriminals to steal the information and sell it to willing buyers. Without effective cyber security, an experienced hacker could easily be just a few keystrokes away from accessing your local agency’s government data as well as your own personally identifiable information that is stored in the agency’s database. “A successful breach at this level could bring an enterprise, industry or public agency, to its knees. It doesn’t take much imagination to envision an array of devastating scenarios," Paul Lipman, CEO of iSheriff, an internet security company, wrote in a column for Government Technology. The Vendor Community Can Help Keep Government Data Safe According to a 2014 National Association of State Chief Information Officers (NASCIO) report, six out of 10 state and local chief information security officers rank cyber security as a primary concern and a priority. Since government agencies collect and store so much information online -- such as Social Security numbers, email addresses and healthcare records -- their information systems should be state of the art and as secure as Fort Knox. That’s not always the case… Birmingham-Jefferson County Transit Authority in Alabama In a September 2015 bid for a web-based system to combat cyber-attacks, officials said its employees are one internal weakness to securing its vital assets: “Our own employees may unwittingly threaten the network by opening email-borne viruses, running bandwidth-hungry applications or accessing the wrong websites.” To ensure the strongest protection, agency security officials many times invite the vendor community and “civic hackers” to test their system vulnerabilities by allowing them to try to hack through a system’s security parameters. The goal is to aid in pinpointing system weaknesses and vulnerabilities. Capital Area Council of Governments in Austin, Texas In a May 2015 bid, agency invited vendors to test their systems’ resiliency. The agency asked for qualified contractors to assess the vulnerability of critical information infrastructure. With no shortage of hacking threats, governments are beefing up the roles and responsibilities of the chief information security officer to keep their data safe. In the coming years government security officials will increasingly seek vendor assistance to help them implement data security efforts.