GOVERNMENT AFFAIRS & ADVOCACY   |   Cyber Security Awareness

Welcome to NASCIO's Cyber Security Awareness Website
Last updated October 01, 2012

NASCIO Cyber Security Awareness Resource Guide

For the 2012 observance of National Cyber Security Awareness Month, NASCIO has updated its Resource Guide for State Cyber Security Awareness,Education, and Training Initiatives. The guide includes new information from our state members, who provided examples of state awareness programs and initiatives. This is an additional resource of best-practice information, together with an interactive state map to allow users to drilldown to the actual resources that states have developed or are using to promote cyber awareness. It includes contact information for the CISO, hyperlinks to state security and security awareness pages, and information describing cyber security awareness, training, and education initiatives.

The Resource Guide is a work-in-progress that should provide a valuable reference resource for Cyber Security Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.

NACIO Cybersecurity Call to Action

This call to action directs the attention of new and incumbent governors to a key set of questions state policy leaders should ask state chief information officers (CIOs) and chief information security officers (CISOs) regarding cybersecurity threats to state government. It highlights the need to establish statewide information security policies and technical controls that are coordinated with federal initiatives and private sector efforts, all of which must be fully integrated to protect IT-based services to citizens, state networks, and the sensitive information held by governments at all levels.

State Governments at Risk: A Call to Secure Citizen Data and Inspire Public Trust
September 2010

People put a lot of trust in state governments to collect, maintain and protect the appropriate information necessary to execute their programs, protect individual rights, and ensure public safety. The volume of that information expands at an ever-increasing pace, and maintenance and protection of that information, particularly where it involves Personally Identifiable Information (PII) and Personal Health Information (PHI), becomes more and more challenging. The 2010 Deloitte-NASCIO Cybersecurity Study finds that states need to do more to secure citizen data and maintain public trust.

• NASCIO Cyber Security Awareness Resource Guide
• Promoting Cyber Security Awareness Month
• NASCIO Resources on Cyber Security Awareness
• Partner Organization Resources

In support of the 9th annual National Cyber Security Awareness Month, the National Association of State Chief Information Officers (NASCIO) has again partnered with the Department of Homeland Security's National Cyber Security Division (NCSD), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the National Cyber Security Alliance (NCSA), to promote government's commitment to securing cyberspace and protecting the citizens who rely on Internet technologies in their daily activities. Each of these organizations has developed extensive security awareness resources and toolkits that are available through their websites, and links to those and other resources are provided on NASCIO's Cyber Security Awareness page.

State CIOs and the programs they administer have supported cyber security awareness month from its inception, and states address IT security and privacy awareness, education, and training on a year-round basis.

Promoting Cyber Security Awareness Month

• White House Cyber Security Page
• NASCIO’s Press Release – October 01, 2012

NASCIO Resources on Cyber Security Awareness

At Risk! Securing Government in a Digital World
January 2008

Technology makes so much possible for government. Yet, when a security breach disrupts government operations—the results can be disastrous.

How serious are the threats against government operating in a digital age? It is like fighting a storm that never ends. The threats are everywhere—outside and inside—and they are there all the time. Always changing and adapting.

• NASCIO Call-to-Action: The Necessity for Maturing Identity and Access Management in State Government
  November 2012
• 2012 Deloitte-NASCIO Cybersecurity Study State governments at Risk: A Call for Collaboration and Compliance
  October 2012
• The State Identity Credential and Access Management Guidance and Roadmap (SICAM)
  September 2012
• Capitals in the Clouds Part IV – Cloud Security: On Mission and Means
  May 2012
• Capitals in the Clouds Part III – Recommendations for Mitigating Risks: Jurisdictional, Contracting and Service Levels
  December 2011
• The Heart of the Matter: A Core Services Taxonomy for State IT Security Programs
  October 2011
• Capitals in the Clouds - The Case for Cloud Computing in State Government Part II: Challenges and Opportunities to Get Your Data Right
  October 2011
• State Cyber Security Resource Guide: Awareness, Education, and Training Initiatives
  September 2011
• Capitals in the Clouds - The Case for Cloud Computing in State Government Part I: Definitions and Principles
  June 2011
• State Governments at Risk: A Call to Secure Citizen Data and Inspire Public Trust
  September 2010
• Security at the Edge: Protecting Mobile Computing Devices Part II: Policies on the Use of Personally Owned Smartphones in State Government
  March 2010
• Resource Guide for State Cyber Security Awareness, Education, and Training Initiatives
  September 2009
• Security at the Edge — Protecting Mobile Computing Devices
  July 2009
• Desperately Seeking Security Frameworks – A Roadmap for State CIOs
  March 2009
• Protecting the Realm: Confronting the Realities of State Data at Risk
  September 2008
• IT Security Awareness and Training: Changing the Culture of State Government
  August 2007
• Insider Security Threats: State CIOs Take Action Now!
  April 2007

State Cyber Security Awareness Websites

Partner Organization Resources

Department of Homeland Security - Stop. Think. Connect.
The Stop. Think. Connect. Campaign is a national public awareness effort to guide the nation to a higher level of Internet safety by challenging the American public to be more vigilant about practicing good “cyber hygiene.” Stop. Think. Connect. raises public awareness about the need to strengthen cybersecurity and generates and communicates new approaches and strategies to help Americans increase their safety and security online.


MS-ISAC - Multi-State Information Sharing and Analysis Center

• Cyber Security Awareness Resources Page
• 2012 National Cyber Security Awareness Month Page (Includes 2012 Toolkit, Tips and Events)
• Cyber Security Awareness Training and Videos

National Cybersecurity Alliance / StaySafeOnline.org

• Cyber Security Awareness Month Page

Educause

• National Cyber Security Awareness Resource Kit

Staff contact: Charles Robb, Senior Policy Analyst
Phone: 859-514-9209
E-mail: crobb@AMRms.com