city lights globe


Cybersecurity Services for State Government

Let’s make progress

Transforming state government to interact with citizens in real time, across multiple technology platforms, creates cyber risk. It’s unavoidable. But it doesn’t have to derail progress. As a recognized leader in cybersecurity, Deloitte can help you navigate stakeholders and facilitate the evolution of your cyber risk program. Our Secure.Vigilant.Resilient.™ approach, coupled with new ways of engaging, can provide you with options to better manage cyber risk so you can focus on your mission. Let’s make progress together.

Watch to learn about Cyber Risk in State Government

Build a secure, vigilant, and resilient cyber risk program to protect citizen information

State organizations need to understand their cyber security risk profile and threat landscape by performing a foundational risk assessment. Deloitte can assess the status of agency and statewide security programs and help establish risk-prioritized controls to protect against known and emerging threats, and comply with standards and regulations. Our services include the complete lifecycle of advisory, implementation and managed services: Cyber Risk Assessment Services; Security & Privacy Program Implementation; Application Security Assessment, Design and Remediation; Continuous Monitoring and threat analytics; Business Continuity/Resilience; and Cyber Workforce Development.

Back to top

Trees and sun

2018 Deloitte-NASCIO Cybersecurity Study

The Fifth Biennial Deloitte-NASCIO Cybersecurity Study reflects insights from all 50 states on the chief information security officers (CISOs) role and budget, governance, reporting, workforce, and operations. US state CISOs have an opportunity to pursue three “bold plays” that can help them address persistent budgetary and talent challenges to improve and safeguard their state’s cybersecurity posture and IT infrastructures.

Learn more about the 2018 Deloitte-NASCIO Cybersecurity Study.

Back to top

Improving California state government cybersecurity: A case study

The California Cybersecurity Integration Center’s (Cal-CSIC) voluntary information sharing model provides statewide support to agencies, service providers, academic institutions, and private-sector organizations. And as this case study reveals, this model also helps the Cal-CSIC give state leadership a unified view into cyber threats.

Read more about the spotlight on California Cybersecurity Integration Center.

Back to top

Enable seamless and secure access to online citizen services

State governments are challenged with siloed Identity & Access Management (IAM) technologies and processes. To provide citizens seamless access to online state services, states need to move to a consolidated IAM strategy that supports the business model. Deloitte’s IAM services include: IAM Strategy and Implementation, IAM Management, Identity Correlation & Intelligence, NSTIC-driven IAM, Social Media Logins, and Secure Cloud Access.

Working with Deloitte, Michigan’s Department of Technology, Management and Budget (DTMB) created the MILogin user identity management solution. MILogin centralizes user identity and access management across state agencies, applications, and services to provide account holders with a single sign-on that protects their private data through strong authentication.

Learn more about the DTMB-Deloitte MILogin solution.

Back to top

Protecting critical infrastructure from cyber threats

Increasingly sophisticated cyberattacks on critical infrastructure have put governments worldwide on high alert. Most states have established cyber risk programs focused on citizen data protection but cybersecurity specifically for critical infrastructure is typically a missing piece in those programs.

This report provides an overview on the cyber risks and ideas for leading a statewide, public-private collaboration for addressing cyber security for critical infrastructure.

Back to top

Managed Cyber Risk Services

Deloitte offers a suite of Cyber Risk Managed Services to help government agencies elevate their cyber risk operations and better achieve mission goals. Our managed services feature industry-leading capabilities that can be tailored to your organization’s specific risks. Deloitte offers scalable and flexible pricing solutions with embedded quality control to help drive operational efficiency and cost-effectiveness. With all our managed services, we look for ways to leverage automation to help promote efficiency and innovation. In addition, our managed services can be provided on-premises or through a hosted cloud infrastructure to align with your organizational strategy.

Back to top


Design a vigilant security platform to continuously monitor and protect citizen information

As it becomes increasingly difficult to prevent infiltrations and unauthorized activity, state organizations need threat awareness and advanced detection and intelligence solutions to rapidly identify unauthorized or anomalous activity in their environments. State organizations should develop a comprehensive, ongoing security platform to monitor potential cybersecurity issues. Vigilant by Deloitte services include: continuous monitoring, Cyber Threat Intelligence, Security Information and Event Monitoring (SIEM), Security Compliance Remediation and Managed Security Services.

Back to top

Get in touch

Srini Subramanian

Srini Subramanian

Principal | Deloitte Risk and Financial Advisory

Srini is a principal in Deloitte & Touche LLP’s Cyber Risk Services practice and leads the Risk and Financial Advisory practice for the SLHE Sector. He has more than 30 years of technology experience,... More

Michael Wyatt

Michael Wyatt

Principal | Deloitte & Touche LLP

Michael is the Deloitte Risk and Financial Advisory principal for the Cyber Risk Services Identity Management practice at Deloitte & Touche LLP. He is a recognized leader in identity management as wel... More