Tackling the cybersecurity workforce challenge in state government: New Jersey, InnovateUS and Google partner to empower public sector leaders with the cyber knowledge to keep us safe

The increasing importance of cybersecurity in the government sector is highlighted by the fact that many government agencies handle vast amounts of sensitive data, including citizen records, financial data, and national security information. The sheer volume and sensitivity of this data make cybersecurity a paramount concern, as any breach could jeopardize not only data but also the health, safety, and security of citizens. Governments are, therefore, increasingly focusing on strengthening their digital defenses and resilience to ensure public safety and national security​ – KPMG

"Today marks an important moment in the vital work to build the Nation’s cybersecurity workforce, a mission that is imperative to our national security and our economic prosperity in our increasingly digital world" – National Cyber Director Harry Coker

From the boardrooms of major corporations to the halls of Congress, cybersecurity has moved from a peripheral concern that was the province of a small collection of cyber experts to become a paramount one that is on the task list of every leader in the country, particularly those in the public sector. This is because of the critical functions for which they are responsible (and the massive harm to citizens if they are disrupted) but also because of the attacks on that sector in recent years.

According to a recent Sophos report: “In 2024, cyberattacks on U.S. state and local governments have continued to pose a significant threat ... 34% of state and local government organizations were hit by ransomware this year” and “the cost of recovery has skyrocketed, with the mean cost to recover from an attack more than doubling to $2.83 million from $1.21 million in 2023.”

One can see this in cyber attacks on cities and states in the last few years, a ransomware attack in the City of Baltimore that froze essential city services like online payments and email and required $18M to recover from, a hack at a water treater plan in Oldsmar, Florida that would have increased the amount of sodium hydroxide in their water to lethal levels, and an attack on the city of Atlanta that took down city services from court systems to billing and costs over $17M to fix.

These new and evolving threats are a particularly acute concern to local and state governments because of the lack of a cybersecurity workforce to defend against such threats.

“The shortage of cybersecurity professionals in state and local governments has reached a critical point," wrote National Defense Magazine. There are only enough cybersecurity workers to fill 85% of vacant jobs in the United States, leaving an estimated gap of 225,000 workers needed to secure these essential entities. This shortage is particularly concerning for state and local governments, as they face an increasing number of sophisticated cyber threats without the necessary workforce to defend against them effectively.” 

The question is what can we do about this? The State of NJ, InnovateUS at Northeastern University’s Burnes Center for Social Change, and Google have an answer.

Over the last six months, under the leadership of the NJ Office of the Chief Information Security Officer and administration of InnovateUS, over 100 handpicked leaders from across NJ state and local government are increasing their cyber expertise by going through the Grow With Google cybersecurity certificate. Google has created a series of deep in-depth certification courses ranging from cybersecurity to digital marketing, and partnered with InnovateUS to deploy them for free to state government and their partners around the country. New Jersey immediately took advantage of this and became the pilot state, which it used to grow its cybersecurity bench of talent. Ranging from leaders at the state’s university system to school district leaders to top officials in law enforcement, these leaders have spent the last six months:

1. Taking almost 150 hours of cybersecurity content in their certificate program can take a novice to someone who can lead cybersecurity efforts in their organizations
2. Gathering once a month with their cohort from across the state to share insights and challenges around the content and the work of securing their organizations’ digital frontiers
3. Hearing from experts like NJ CISO Mike Geraghty, Senior Advisor on Cybersecurity to the US Deputy Secretary of Education Mike Klein, and former Senior Advisor on Workforce to the US National Cyber Director Veronica Pugin. 

While this particular pilot cohort will be ending soon, it will be the first of many not just in New Jersey but in other states across the country. If you are a leader in state government and are interested in pursuing a similar effort in cybersecurity or any of our other disciplines please reach out to us at hello@innovateus.org.