Cyber Florida: State Cybersecurity Education and Research Initiative

Cyber Florida is the state-designated cybersecurity research and education center housed at the University of South Florida, established through legislative mandate to strengthen Florida's cybersecurity posture across public, private, and academic sectors. This page covers the initiative's organizational structure, funding mechanisms, program categories, and operational scope as a reference for researchers, workforce professionals, and public sector entities engaging with Florida's cybersecurity infrastructure. Understanding Cyber Florida's role is essential context for navigating the broader Florida cybersecurity service landscape.

Definition and scope

Cyber Florida — formally the Florida Center for Cybersecurity — was created under Florida Statute §1004.444 to serve as a statewide hub for cybersecurity research, education, and workforce development. The University of South Florida serves as the host institution, operating the center in coordination with the State University System of Florida. Its statutory mandate covers three primary functions: developing cybersecurity academic programs across the State University System, conducting applied research aligned with state and national security priorities, and building partnerships with federal agencies, private industry, and law enforcement.

The Florida Legislature authorized the center with recurring annual appropriations channeled through the State University System. Cyber Florida's scope explicitly includes K-12 outreach, higher education curriculum alignment, community college partnerships, and professional workforce development — making it distinct from purely research-focused centers. Florida's cybersecurity workforce development landscape is directly shaped by Cyber Florida's program design and funding allocations.

Scope boundaries apply: Cyber Florida does not function as a regulatory enforcement body, does not issue professional licenses or certifications independently, and does not have jurisdiction over private-sector compliance obligations. Florida businesses subject to the Florida Information Protection Act or federal sector-specific regulations operate under separate regulatory frameworks covered at /regulatory-context-for-florida-cybersecurity. Cyber Florida's coverage does not extend to federal civilian agency cybersecurity standards set by the Cybersecurity and Infrastructure Security Agency (CISA) or the National Institute of Standards and Technology (NIST), though the center aligns programmatic content with NIST frameworks.

How it works

Cyber Florida operates through four functional pillars:

1. Academic program development — Partners with all 12 State University System institutions to expand cybersecurity degree pathways, certificate programs, and faculty development. The center provides funding and curriculum templates to institutions building new programs aligned with the NICE Cybersecurity Workforce Framework published by NIST.

2. Applied research — Funds investigator-led projects targeting critical infrastructure protection, election security, and threat intelligence. Research outputs are often coordinated with federal partners including CISA and the NSF. Florida's critical infrastructure cybersecurity landscape reflects several research priorities established through this pillar.

3. Workforce pipeline programs — Operates the Florida Cyber Range, a virtualized training environment enabling students, professionals, and government personnel to practice incident response, penetration testing, and network defense in simulated scenarios. The Cyber Range supports training activities across all 67 Florida counties.

4. K-12 and public outreach — Funds competitive grant programs for school districts to integrate cybersecurity concepts into STEM curricula, contributing to the broader Florida K-12 school cybersecurity preparedness landscape.

Funding flows from the state budget through the State University System Board of Governors to the University of South Florida, which administers sub-grants to partner institutions and external research teams. The center publishes an annual report to the Florida Legislature per §1004.444(6), documenting expenditures, program outcomes, and strategic priorities.

Common scenarios

Cyber Florida engagement arises across several professional and institutional contexts:

• University faculty and researchers applying for competitive cybersecurity research grants administered through the center's annual solicitation process.
• Community college administrators seeking curriculum alignment and articulation agreements to create transfer pathways into State University System cybersecurity degree programs.
• State agency IT security officers accessing Florida Cyber Range training for security operations center personnel, supporting compliance with the Florida Department of Management Services cybersecurity standards.
• K-12 school district technology coordinators applying for Cyber Florida outreach grants to fund classroom cybersecurity instruction — directly relevant to the challenges documented in the Florida K-12 school cybersecurity reference.
• Workforce development boards and CareerSource Florida partners coordinating Cyber Florida certification preparation programs targeting unemployed or underemployed workers seeking entry into cybersecurity roles.
• Private industry security teams engaging with Cyber Range simulations for tabletop exercises or red team training, particularly in sectors covered under Florida higher education cybersecurity and Florida financial sector cybersecurity frameworks.

Decision boundaries

Cyber Florida serves specific institutional and professional roles but does not replace, duplicate, or override other mechanisms in Florida's cybersecurity ecosystem.

Cyber Florida vs. DMS cybersecurity governance: The Florida Department of Management Services (DMS) holds statutory authority over executive branch agency cybersecurity policy under Florida Statute §282.318. Cyber Florida has no regulatory authority over agency compliance — it provides training and research capacity, while DMS sets and enforces standards.

Cyber Florida vs. FDLE and law enforcement: The Florida Department of Law Enforcement (FDLE) operates the Cyber Crime Office for criminal investigations. Cyber Florida does not investigate cybercrime or support active criminal prosecutions. The Florida law enforcement cyber units reference covers that infrastructure separately.

Cyber Florida vs. private certification bodies: Cyber Florida does not administer or certify credentials such as the CISSP, CEH, or CompTIA Security+. Those credentials are governed by their respective certifying organizations. Florida cybersecurity certifications and licensing addresses the professional credentialing landscape distinct from Cyber Florida's academic scope.

Research center vs. incident response authority: Cyber Florida provides no incident response services during active breaches. Entities experiencing active incidents should engage FDLE, CISA's 24/7 reporting line, and their sector-specific information sharing and analysis center (ISAC). Florida cybersecurity incident response covers the operational response infrastructure.

Organizations operating across Florida's tourism, hospitality, and real estate sectors — areas with elevated wire fraud and social engineering exposure — should treat Cyber Florida's training resources as supplementary capacity-building rather than primary risk mitigation. Those sector-specific threat profiles are addressed in Florida tourism and hospitality cybersecurity and Florida real estate wire fraud cybersecurity.

References

• Florida Statute §1004.444 — Florida Center for Cybersecurity
• Cyber Florida — University of South Florida
• NIST NICE Cybersecurity Workforce Framework (NIST SP 800-181)
• Florida Department of Management Services — Cybersecurity
• CISA — Cybersecurity and Infrastructure Security Agency
• Florida Department of Law Enforcement — Cyber Crime
• State University System of Florida — Board of Governors