State CISOs Are Losing Confidence, Biennial Report Finds
State CISOs Are Losing Confidence, Biennial Report Finds
https://www.govtech.com/security/state-cisos-are-losing-confidence-biennial-report-finds
Publish Date: 2026-04-27 18:01:00
Source Domain: www.govtech.com
PHILADELPHIA — Things are not looking good in the land of cybersecurity: As AI threats loom, budgets falter and responsibilities increase, cyber leaders in state government are getting nervous.
That was the main takeaway from the biennial cyber report released Monday by the National Association of State CIOs (NASCIO) and Deloitte, which includes survey responses from cyber leaders in all 50 states. The report was released during NASCIO’s Midyear Conference in Philadelphia.
The worries were perhaps best summed up in this statistic: The number of CISOs who said they were “very” or “extremely” confident in their ability to protect data dropped from 48 percent in 2022 to 22 percent in 2026.
“The cyber threat landscape is not improving — at all,” said Mike Wyatt, partner and principal at Deloitte, during the conference.
Tied into this were a host of specific concerns. At the top of that list: a “bleak” budget picture in many states. Eight states reported shrinking cyber budgets, a phenomenon that was absent in 2024’s report. While substantial budget increases were common last time, more than half the states in 2026 reported flat cyber budgets or only small increases.
Speaking during a breakout session, Michigan Chief Security Officer Rex Menold said framing cyber funding in terms of business risk helps lawmakers understand its importance.
“Ultimately it comes down to we’re trying to lower risk for you, the people in the state of Michigan, and you represent them,” he said. “So we want you to understand when you’re making decisions — frankly, business decisions — how that impacts our state, how you impact my township.”
Reduced federal support likely played a role here; since Donald Trump’s second inauguration, the government has scaled back state and local governments’ cyber resources. Notably, this included transitioning the Multi-State Information Sharing and…
