The State of Cybersecurity in Oregon

Cybersecurity is a white-hot topic of discussion in board rooms, government offices, technology fests, security seminars and even around kitchen tables across the country these days.  A recent Gallup poll found that 67% of Americans worry about hackers stealing their personal information, and 66% worry about identity theft. Indeed, Americans are more likely to report being the victim of cyber crimes than any of the other seven crimes that Gallup measures. It’s against this backdrop of fear and concern that we need to carefully examine the state of cybersecurity in Oregon, and what we can do to protect the digital lives and data of all Oregonians.

First of all, the good news. There is a strong coalition of support for cybersecurity in Oregon, which offers a solid foundation for driving exposure. For example, Technology Association of Oregon (TAO) is a local industry organization that supports entrepreneurs, connects peers and decision-makers, and helps establish the Northwest as a global hub for innovation. Oregon is also home to some of the country’s leading cybersecurity technology companies and top security experts such as McAfee, Cylance, Galois, PacStar, PKI Solutions and more. Indeed, Oregon has all of the components to be seen as a leader in cybersecurity.

Now for the darker side. More than 120 cyber breaches compromising the security of personal information have been reported to the Oregon Department of Justice since the beginning of 2016. These breaches are costly. According to the 2017 Ponemon Cost of Data Breach Study, the global average cost of a data breach is $3.62 million. The average cost for each lost or stolen record containing sensitive and confidential information is $141.

Oregon companies face a critical shortage of trained cybersecurity talent to manage these breaches and other cyber threats. According to, a website that measures the supply and demand in the cybersecurity job market, there are nearly 300,000 positions available nationwide. In Oregon, there are more than 3,000, and the supply/demand ratio is considered “very low.”

Cyber Oregon: Enhancing cybersecurity in Oregon

Oregon is rich in cyber resources—the task is to build and harness these resources to strengthen cybersecurity in our state. That’s why I am a strong proponent of any effort, public or private, to raise the visibility of cybersecurity in Oregon. Senate Bill 90, which Governor Kate Brown signed in September, is a critical first step.

Several vital initiatives are underway, collectively known as Cyber Oregon, thanks to this law and to other endeavors. These include:

  • The Oregon Cybersecurity Awareness Program, which will build awareness across the state about Oregon’s cybersecurity businesses and organizations, education and talent, resources and answers.
  •, a state-wide cybersecurity resource and one-stop information portal for all things cybersecurity in Oregon.
  • Cybersecurity of Oregon Center of Excellence, which will coordinate information sharing related to cybersecurity risks, warnings, and incidents. It will also provide support for cybersecurity incident response and cyber-crime investigations.
  • The official “Oregon Day of Cyber” on November 20

In addition, the state offers many excellent cybersecurity educational programs, including an array of degree programs and numerous certifications. Oregon is dedicated to starting cybersecurity education early on. One of my passion projects is NW Cyber Camp, a weeklong program that gives Oregon high school students hands-on cybersecurity experience and instruction from industry leaders, exposing them to possible futures in cybersecurity.

Cybersecurity starts with you

Many, many talented individuals have devoted their careers and personal time to building cybersecurity in Oregon. You can do your part, too, by taking steps to protect your own personal information, sharing information about cybersecurity jobs and training, and becoming a critical voice in the Cyber Oregon effort. Together, Let’s CyberUp Oregon!