Minimum requirements if were looking at the high noncompliance rates of utilities, the problems with 56rdability, the problems with small customer bases that just some great emphasis needs to be paid to providing more funding for these disadvantaged and smaller communities. My home state of texas has a lot of money theyre putting into water problems as a result of droughts. Californias done the same thing. Each state runs it different. A lot of states put extra money in. Some states dont. But i think its good. G. A. O. s done a terrific job at looking at some of these issues and i would encourage them to continue to do so. Thank you. My last question for mr. For mayor keegan mr. Newman and mr. Sellman, can you just given us briefly your success on the state resolving fund versus the r. U. S. , or do you access that . Why dont we go with mr. Keegan first . Sure. We havent had very much success. Weve had some limitations due to the average income of ow community. Weve been told its been
Interesting sometimes the best thing to do with information sharing is to keep a secret. And in this case after, to their credit, they handled this fantastic. We are lucky that this turned out to be a microsoft problem because they had a sophisticated Incident Response Security Program and so it was their mistake 15 years ago but the people that handled it now were the right people and we are all very lucky. But they immediately bought it and there was no convincing them that this was serious. That took three emails. They worked on it very hard for a year. The best thing to do was to give them the runway to fix it right. The worst thing to do would have been to put an arbitrary deadline in front of them and told them to fix it fast. In this case there were not ways to fix it fast, so that would have been cited tracking to the detriment of the end of the security goal. So in this case yesterdays way to share information was to give the vendor the runway to fix it and to keep it secret.
Incident response Security Program and so it was their mistake 15 years ago but the people that handled it now were the right people and we are all very lucky. But they immediately bought it and there was no convincing them that this was serious. That took three emails. They worked on it very hard for a year. The best thing to do was to give them the runway to fix it right. The worst thing to do would have been to put an arbitrary deadline in front of them and told them to fix it fast. In this case there were not ways to fix it fast, so that would have been cited tracking to the detriment of the end of the security goal. So in this case yesterdays way to share information was to give the vendor the runway to fix it and to keep it secret. But that is hard and interesting because keeping the secret especially for 13 months is hard. But we actually discovered this issue under contract with a third party so that made it even more interesting. Fortunately, the third party happened to be ica