Governor Laura Kelly Announces the Release of the Cybersecurity Task Force Final Report

TOPEKA – Governor Laura Kelly announced today the release of the Cybersecurity Task Force’s final report. In the Task Force’s report of forty-one recommendations, they identified seventeen as critical. These critical recommendations are essential to the implementation of other recommendations, or in the absence of resources, these critical recommendations should be implemented for greatest impact.

“These cyber security recommendations put Kansas on a path to be proactive in securing our data while also growing our workforce,” Governor Laura Kelly said. “Thanks to the Task Force for your hard work and diligence these last five months. It’s never been more important to strengthen our cybersecurity.”

The Task Force began meeting regularly in August and delivered its first report, an interim report, in early October. The final report, submitted in early December, is the result of several more months of meeting with stakeholders from across and outside of Kansas to help identify both the gaps and capabilities in Kansas’ cybersecurity posture.

“Important to us was to provide the Governor with actionable recommendations that can increase the cybersecurity posture of Kansas and grow its cybersecurity workforce,” said co-chairs Mike Mayta and Jeff Maxon. “After meeting with stakeholders, we feel confident in the potential that Kansas possesses. Countless efforts are happening locally and at a regional level, and our recommendations aim to bring those efforts together and scale them so they can strengthen Kansas as a whole.”

In addition to meeting with stakeholders, the Task Force solicited public feedback to help determine new recommendations for inclusion in the final report as well as any refining of the recommendations first published in the interim report.

The final report includes five new recommendations while consolidating and streamlining others, taking the report from forty-five to forty-one recommendations. Recommendations are organized by subject areas such as Cybersecurity Governance and Strategy and Incident Response Exercises and Training while also giving some recommendations priority distinction of critical or high. The Task Force identified these critical and high priority recommendations as ones that are critical to the implementation of others while also having significant impacts on cybersecurity.

The Task Force’s final report can be found here.

The Task Force’s interim report can be found here.