Law enforcement agencies often lack the time and expertise to engage in the development of a comprehensive cybersecurity program that includes identifying cyber risks, analyzing those risks relative to their frequency and severity, controlling the risks by establishing protocols and training, financing the program, and regularly reviewing and testing the department and its cybersecurity plan.