Date

6-17-2026

Department

Helms School of Government

Degree

Doctor of Public Policy (DPP)

Chair

Eugene Belmain

Keywords

Cybersecurity Policy, State Government, Cyber Deterrence, Cyber Denial, Cyber Actors, Advanced Persistent Threats (APT), Critical Infrastructure, Multilinear Regression, AI, Whole-Nation Cyber Defense

Disciplines

Computer Sciences | Public Affairs, Public Policy and Public Administration

Abstract

Cyber incidents are among the most pervasive threats facing the United States, with the FBI recording over 859,000 reported attacks and an estimated $16.6 billion in losses in 2024 alone. Despite widespread recognition that effective cyber defense requires a whole-nation approach, the existing research literature overwhelmingly focuses on federal policy, leaving state governments as largely overlooked actors. This study addresses that gap by examining the research question: How does state cybersecurity policy affect malicious cyber actors' frequency of operations? Drawing on multilinear regression analysis augmented by Random Forest machine learning models, this study evaluates the relationship between state-level cyber deterrence and denial policies and reported cyber incident rates across U.S. states. Findings indicate that structural factors — particularly population density and economic capacity — are the dominant predictors of cyber incident frequency, with policy variables exerting more limited and conditional influence. These results challenge assumptions underlying current state cyber policy and carry significant implications for policymakers seeking evidence-based approaches to state-level cyber defense.

Download

Share

COinS