{"id":208934,"date":"2026-05-05T08:01:00","date_gmt":"2026-05-05T12:01:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/05\/state-cyber-organizations-provide-good-roi-uc-berkeley-researchers-find\/"},"modified":"2026-05-05T08:15:14","modified_gmt":"2026-05-05T12:15:14","slug":"state-cyber-organizations-provide-good-roi-uc-berkeley-researchers-find","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/05\/state-cyber-organizations-provide-good-roi-uc-berkeley-researchers-find\/","title":{"rendered":"State cyber organizations provide good ROI, UC Berkeley researchers find"},"content":{"rendered":"<p><a href=\"https:\/\/statescoop.com\/state-cybersecurity-organizations-roi-uc-berkeley\/\">State cyber organizations provide good ROI, UC Berkeley researchers find<\/a><\/p>\n<p><a href=\"https:\/\/statescoop.com\/state-cybersecurity-organizations-roi-uc-berkeley\/\">https:\/\/statescoop.com\/state-cybersecurity-organizations-roi-uc-berkeley\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-05 08:01:00<\/a><\/p>\n<p>Source Domain: <a href=\"statescoop.com\">statescoop.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n<p>When attempting to pry funding from state coffers for new cybersecurity programs, officials most frequently resort to advertising a (perhaps well-justified) fear of being associated with the next big disruptive and expensive cyberattack. But one underappreciated strategy, said Grace Menna, a senior fellow at UC Berkeley\u2019s Center for Long-Term Cybersecurity, is selling the financial upside to spending on cyber.<\/p>\n<p>A guidebook published Tuesday catalogs Menna\u2019s thoroughgoing project to compare the various state-led and community-led cybersecurity efforts that have grown more common in recent years, particularly under an administration that\u2019s encouraged states to wean themselves off of federal support. One of the guidebook\u2019s key findings is that cybersecurity programs are frequently sound investments: Regional security operations centers (found in Arizona, Louisiana, Oregon, Texas and South Carolina) generate between $1.1 million and $2.6 million in annual economic value, cyber clinics (found in more than half of the states) are worth up to $150,000 annually and state cyber corps (found in Louisiana, Maryland, Michigan, Ohio, Texas and Wisconsin) generate between $1.4 million and $7.5 million in economic value each year.<\/p>\n<p>Menna, whose team spent six months researching and interviewing cybersecurity officials and volunteers from around the country, with the aim of compiling an authoritative \u201ccentralized resource\u201d on state cyber programs, said \u201cthe ROI piece is really key to this equation.\u201d She said \u201cthe idea is to get hard numbers in front of state legislators and governors and state policymakers that are having a hard time getting this across, essentially moving the conversation away from a risk conversation to a financial conversation.\u201d<\/p>\n<p>The new publication is timely. State chief information officers this year reported sinking levels of confidence in their ability to protect government data stores against AI-enhanced attacks, while increasingly operating with stagnant or slumping budgets. As attested by several state technology officials at a conference last week, getting support for cyber projects often boils down to salesmanship. Michael Watson, Virginia\u2019s chief information officer, said that when trying to get support for cybersecurity projects, he tries to figure out \u201cthat one thing\u201d that a given official or agency cares most about. In her publication, Menna suggests that a universally persuasive argument might be found in economic impact.<\/p>\n<p>One state cyber corps that responded to the Center for Long-Term Cybersecurity survey estimated that an annual budget of $1.15 million led to $20.1 million of \u201ctotal service value,\u201d including incident response and preventative services, spread over four years. Not every cyber corps performs that well, but Menna pointed out that getting a 747% return on investment is an excellent value, one worth pursuing: \u201cthat\u2019s startup-level returns.\u201d\u00a0<\/p>\n<p>The various cybersecurity programs under examination in the guidebook are relatively new, with the oldest among them just more than a decade old. There are brief reviews of the new Texas Cyber Command, a $135 million project still finding its footing, the Wisconsin Cyber Response Team, a volunteer group created in 2015, and New Jersey\u2019s Cybersecurity and Communication Integration Cell, which in 2015 became the nation\u2019s first state-run cyber fusion center. Each cybersecurity organization spawns to serve a unique combination of needs for its place and time, and the report points out that some types of organizations excel where others just get by \u2014 clinics are more effective for growing the cybersecurity workforce, while cyber corps are better at defense, for instance \u2014 and that they\u2019re meant to work in concert.<\/p>\n<p>Menna said although such groups can provide services to government at much more affordable rates than managed security service providers, her advocacy for such organizations isn\u2019t to displace providers \u2014 \u201cwe need more MSSPs\u201d \u2014 but to highlight the federated aspect of cybersecurity and the imperative for states to diversify their organizational holdings. The report provides the analogy of cyberattack as structure fire, in which the RSOC is the smoke alarm, the cyber clinic is the maintenance crew and the cyber corps is the volunteer fire department. If alert systems are funded, but emergency responders are not, \u201cthe building burns down.\u201d<\/p>\n<p>State officials have in recent years widened the circle of their cyber concerns. The natural interdependence of IT systems was steadily fueling a trend later accelerated by the State and Local Cybersecurity Grant Program, a $1 billion tranche of funding that in 2022 encouraged states to take a broader view of security. Officials have begun viewing all cybersecurity happenings within their states\u2019 geographic borders as at least tangentially related to their jobs. This includes agencies on the periphery of the public sector \u2014 county utility offices, fire houses and elementary schools \u2014 but also all the organizations providing services to the public that aren\u2019t part of government \u2014 hospitals, small businesses and nonprofits. Many of these, Menna writes, sit below the \u201ccyber poverty line,\u201d \u201ctarget-rich, resource-poor\u201d organizations that are \u201cuniquely vulnerable to disruption.\u201d<\/p>\n<p>Menna said one source interviewed for the guidebook remarked that \u201cin the last two months they\u2019ve had more calls for service than they\u2019ve ever had before.\u201d It was only an anecdote, she pointed out, but it could be a representative one these days \u2014 \u201cfolks that are running these programs are underwater.\u201d<\/p>\n<p>\t\t\tWritten by Colin Wood<br \/>\n\t\t\tColin Wood is StateScoop&#8217;s editor in chief. Contact him at colin.wood@statescoop.com or cwood.64 on Signal.\t\t<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>State cyber organizations provide good ROI, UC Berkeley researchers find https:\/\/statescoop.com\/state-cybersecurity-organizations-roi-uc-berkeley\/ Publish Date: 2026-05-05 08:01:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":208936,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/statescoop.com\/wp-content\/uploads\/sites\/6\/2026\/05\/screenshot-2_12f1f3.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24],"class_list":["post-208934","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/208934"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=208934"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/208934\/revisions"}],"predecessor-version":[{"id":208938,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/208934\/revisions\/208938"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/208936"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=208934"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=208934"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=208934"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}