City/County Cybersecurity Partnership

The objective of this NSF-funded project (NSF Award #1623653) is to develop and provide focused and context specific cybersecurity leadership education and training for city and county governments.


Project Summary

The project will develop local government cybersecurity modules to augment existing cybersecurity degree curriculums as well as develop standalone local government cybersecurity education modules.  As part of these efforts, the project will develop a cybersecurity toolkit, readiness assessment and roadmap for local governments to better undertake cross jurisdiction collaboration amongst cities, counties and states in cybersecurity leadership, capabilities, technologies, resources and vendor contracts.   The project will scale by partnering with cities, counties and universities in a national local government cybersecurity learning community for regional workshops and ongoing training and cybersecurity cross jurisdiction sharing development. Expand to read more about project summary.

The project's rationale is that local governments often have limited funding and cybersecurity expertise but have major roles in providing citizen services and operating critical infrastructure.  Approximately 60% of the U.S. counties have less than 50,000 residents but "nearly all counties play a role in the nation's critical infrastructure" (Council of State Governments, 2015).   Counties own 45% of the U.S. road miles,  40% of the bridges and are involved in the operation of 30% of public airports, 1,550 health departments, 3,105 police and sheriff's departments, and utilities such as water and electricity (National Association of Counties, 2015).    Cities and counties are critical to the nation's resilience and emergency response.

Building upon experiences in public health, public safety and IT, cross jurisdictional sharing of services is a growing strategy used at local levels to address challenges such as tight budgets and limited expertise.   The scalable nature of technology operations makes cybersecurity a good candidate for municipal collaborations. Our initiative develops the curricula and provides the expertise, toolkit, roadmap and training for local governments to strengthen their cybersecurity programs overall and share each other's cybersecurity capabilities and resources to achieve stronger cybersecurity status.

This project builds upon our research projects, cybersecurity education programs and industry engagement including interviews of local government CISOs and CIOs for the NSF project "Bridging the Cybersecurity Leadership Gap: Assessment, Competencies and Capacity Building" with the objective of developing CISO core competencies and corresponding learning objectives. The project also builds upon Mason's designation as a DHS Center of Academic Excellence in Information Assurance Education and in Information Assurance Research, and founding partner of the U.S. Government's CIO University.

Intellectual Merit

This effort will be the first in the nation to explore local government focused cybersecurity education, and the first to highlight cross jurisdictional capacity sharing in cybersecurity for local governments.  Specifically, the following questions will be explored and evaluated and products developed:

Broader Impacts

We will make all research findings, including toolkits, roadmaps and curriculums available to local governments and universities and promote the results and adoption through regional workshops and annual conferences.  The materials will be utilized in online courses and webinars and George Mason will host a national clearinghouse of resources for local cybersecurity and cross-jurisdictional cybersecurity capacity sharing. In addition, the project will raise awareness of cybersecurity and promote cybersecurity training to rural cities and counties that comprise the U.S.' largest proportion of local governments.