A GovRAMP report highlights how states leverage GovRAMP to advance trusted cybersecurity practices, pairing specific examples with CIO feedback. According to the nonprofit, states increasingly turn to GovRAMP to modernize vendor risk management, streamline procurement and strengthen cybersecurity oversight. The publication, States Across the Country Highlight Use of GovRAMP to Strengthen Cybersecurity and Vendor Risk Management, includes specific examples of states using GovRAMP as part of a broader third-party risk management and cybersecurity strategy.
“Each of these states is using GovRAMP in a way that aligns with its own governance, procurement and security priorities,” said Leah McGrath, executive director of GovRAMP. “What they share is a focus on improving consistency, reducing unnecessary burden and strengthening oversight of the vendors that support critical public services.”
The GovRAMP states mentioned in the report include Arizona, Indiana, Massachusetts, Minnesota, Nevada, New Hampshire, North Carolina, North Dakota, Oregon, Texas and Utah; for each state, learn how the state uses GovRAMP, along with feedback from one of their state technology leaders, such as the CIO or CISO.
Spotlighting Arizona, for example, the state leverages GovRAMP for modernizing statewide vendor risk management. J.R. Sloan, Arizona state CIO, speaks about Arizona’s transition from AZRAMP to GovRAMP: “Arizona’s migration from AZRAMP to GovRAMP represents a major modernization milestone for our state. By shifting to nationally aligned standards, we are reducing redundancy, improving efficiency for vendors, and ensuring a more consistent approach to managing security across agencies.”
A cybersecurity study from the National Association of State Chief Information Officers finds state officials encounter increasingly sophisticated threats, including artificial intelligence-enabled tactics. NASCIO explains that the study, released April 27, “reveals a rapidly shifting environment where cyber threats are growing in scale and sophistication, with foreign adversaries and cybercriminals increasingly leveraging artificial intelligence to exploit vulnerabilities, even as states adopt AI to strengthen defenses.” The survey of Chief Information Security Officers from all 50 states and 2 territories found that only 26% of state CISOs feel “extremely” or “very” confident that their state’s information assets remain protected from cyber threats—down from 48% in 2022. The report outlines ways CISOs protect public data and critical digital services; for example, the survey found that nearly all CISOs use or plan to use GenAI to enhance their cybersecurity operations. When asked to identify the top barriers states face to address cybersecurity challenges, CISOs cited: sophisticated threats, aging infrastructure and budget as their top challenges.
Bill Moseley, CEO of GL Solutions, advocates for the cybersecurity provided by GovRAMP and sees a “red alert” flashing for security and government agencies—especially with the advent of AI.
The Occupational Licensing Law Research Project Database, from the Knee Regulatory Research Center at West Virginia University, tracks essential state occupational regulations from key industries dating back to 1990; on April 22 the organization added the second installment to the database which includes 7 new occupations. The database includes licensing requirements for occupations, such as optometry, listing those by state, by year and then providing details, from educational requirements to state statutes. According to the Center in a social media post, the “Occupational Licensing Law Research Project (OLLRP) is a first-of-its-kind database that collects and organizes the regulatory landscape of occupational licensing in unprecedented depth and detail for its audience—from economists, employers, employees and more.” The new occupations added to the database include barbers, shampooers, estheticians, embalmers, funeral directors, mortgage brokers and mortgage loan originators. In addition, the database also includes information on universal licensure, as that applies to each occupation.
Renee Moseley joined GL Solutions in 2016 with an educational and professional background in research and writing, along with software documentation. At GL Solutions she produces informative content to help regulatory agencies stay current on news and information that supports their success.
