Georgia Case Study

Since the early 2000s, the state of Georgia’s executive branch has taken a series of deliberate steps to enable cybersecurity to be governed as an enterprise-wide strategic issue across the executive branch of state government and has included some other state government and private industry stakeholders. This case study describes how Georgia has used laws, policies, structures, and processes to help govern cybersecurity. The study offers concepts and approaches for other states and organizations that face similar challenges.