Threat Landscape
State governments stand at a pivotal crossroads in the face of intensifying cyber risk and fraud.
As stewards of vast amounts of sensitive data and critical infrastructure, states are prime targets for increasingly sophisticated cybercriminals and nation-state actors, who exploit vulnerabilities in legacy systems, fragmented infrastructures, and outdated access controls.
Threats Targeted by the START Initiative
1 / Nation-State Actors
Nation-state actors pose the greatest threat to states, infiltrating public systems, impersonating legitimate users, and silently preparing for large-scale disruption, data theft, and sabotage.
2 / User-Controlled Access Credentials (Passwords)
Today’s login credentials—passwords, passkeys, multi-factor codes, and device-based authenticators—are managed by users and easily stolen and misused. The exploitation of these ‘trusted’ credentials is now the primary driver behind ransomware attacks, data theft, and prolonged intrusions.
3 / Threat of Quantum Computing
Quantum computing threatens to render current encryption obsolete, exposing states to catastrophic breaches of sensitive data and critical infrastructure unless quantum-secure systems are urgently built.
4 / Critical Shortage of Cybersecurity Workforce
The critical shortage of cybersecurity talent has made the reliance on detection-based, human-intensive solutions unsustainable, leaving state governments under-resourced and overexposed.
5 / Reactive Cybersecurity Tools
Cybersecurity tools including Zero Trust and XDR (extended detection and response) operate on the assumption that breaches are inevitable, focusing on detection and containment after intruders are inside. This has left states reacting to threats instead of preventing them—giving adversaries the time and access needed to cause irreparable damage, and resulting in significant losses and costs.