Return to Homepage


Home   |   Site Map   |   Privacy   |   Contact Us   |   RSS YouTube Twitter Linked In Facebook Instagram NASCIO Community
committees
Email This Page     |     Print This Page     |    
Comments?     |     Share This Link

COMMITTEES   |   Security & Privacy Committee

About the Committee


Issue Statement: To preserve government's ability to serve citizens, state CIOs must help protect state IT systems and services, while preserving the privacy of personal and sensitive information within those systems. State governments meet this obligation in the context of the larger IT network that interconnects state, local, and federal systems and allows direct citizen interaction with government programs and services through the Internet. A major focus is integration and coordination of federal, state, local government, and private sector efforts that further a national cyber security agenda.

Goals and Objectives: Support NASCIO's strategic objective of protecting the information technology infrastructure of the twenty-first century.

The committee focuses on the intersection between security and privacy to help state CIOs formulate high-level security and data protection policies and technical controls to secure the states' information systems and protect the personal and sensitive information within them. The committee monitors new security and privacy threats created by emerging technologies, as well as federal privacy and security legislation for collateral impact on the states. The committee fulfills NASCIO's goals of strengthening state CIOs' awareness of important IT issues and promoting the sharing of best practices, experiences and expertise.

Meeting Schedule: The committee meets the third Tuesday of each month at 1:00 pm Eastern.

Staff contact: Meredith Ward
Phone: (859) 514-9209
E-mail: mward@NASCIO.org

Committee Roster

Co-Chair:
Michael Cockrill, State of Washington
  Co-Chair:
Mark Raymond, State of Connecticut

Sue Adams, Commonwealth of Massachusetts
Cinnamon Albin, State of Oregon
Michael Aliperti, Center for Internet Security
Daren Arnold, State of Ohio
Kannan Arunachalam, Unisys
Troy Arwine, Microsoft
Erik Avakian, Commonwealth of Pennsylvania
Bharanedaran Balasubramanian, Deloitte Consulting LLP
David Ballard, CenturyLink
Vik Bansal, Deloitte Consulting LLP
David Bear, CenturyLink
Chris Bennett, District of Columbia
Michael Berman, Datacard
Tim Blevins, CGI Technologies & Solutions Inc.
Claudia Boldman, Commonwealth of Massachusetts
Bret Brasso, FireEye
David Brown, State of Ohio
Gary Buonacorsi, EMC Corporation
Dana Burmaster, State of Wisconsin
Kevin Burns, Commonwealth of Massachusetts
Chris Buse, State of Minnesota
John Byers, State of Kansas
John Bys, Tripwire
Elizabeth Caldwell, MPA, State of New Jersey
David Carter, Commonwealth of Kentucky
Victor Chakravarty, State of Maine
Todd Crosby, State of Hawai'i
Justin Dew, HID Global
Rafael C Diaz, State of Illinois
James Doucette, NIC
Joe Ellington, HP
Julie Evans, Center for Internet Security
John Thomas Flynn, TechLeader.TV
Andy Ford, NIC
Mark Ford, Deloitte Consulting LLP
Crystal Fox, Commonwealth of Pennsylvania
Jeff Franklin, State of Iowa
Thomas Fruman, State of Georgia
Amy Glasscock, NASCIO
Tim Guerriero, State of Arizona
Tim Hastings, State of Utah
Rick Hedeman, EMC Corporation
Mitch Herckis, NASCIO
Anthony Hernandez, Grant Thornton LLP
Chris Hobbs, State of Nebraska
Chad Holmes, FireEye
Henry Horton,
Christopher Ipsen, State of Nevada
Laura Iwan, Center for Internet Security
Cynthia Izzo, KPMG LLP
Jana M Jackson, ViON Corporation
Jack Johnson, Motorola Solutions
Agnes Kirk, State of Washington
  Peter Kirkwood, MorphoTrust USA
James Knopka, AT&T
Paul Laurent, Oracle USA Inc.
Katrina LeMay, Commonwealth of Kentucky
Mike Lettman, State of Arizona
Samuel Loewner, MAXIMUS Inc.
Enoch Long, Splunk Inc.
Alisanne Maffei, State of Nevada
Mike Malik, State of Delaware
Mark McChesney, Commonwealth of Kentucky
Stuart McKee, Microsoft
Frank Morrow, Commonwealth of Pennsylvania
Sarah Morrow, State of South Carolina
Jessica Mueller, NASCIO
Robert A Myles, Symantec
Stephen Newell, IBM
Kirk Norsworthy, Xerox
Andris Ozols,
Dean Papa, Symantec
Meghan Penning, NASCIO
Brendan M Peter, CA Technologies
Ted Pibil, Harford County, Maryland
Lynne Pizzini, State of Montana
Mark Reardon, State of Georgia
Pyreddy Reddy, State of North Carolina
James A Richards, III, State of West Virginia
Trace Ridpath, State of Colorado
Caroline Rinker, Symantec
Charles Robb, Commonwealth of Kentucky
Doug Robinson, NASCIO
Michele Robinson, State of California
Michael Roling, State of Missouri
Renault Ross, Symantec
Mike Russo, State of Florida
Eric Simon, HP
Deborah Snyder, State of New York
Elaine A. Solomon, HP
Karen Sorady, State of New York
Mark Spreitzer, CGI Technologies & Solutions Inc.
Tad Stahl, State of Indiana
Chris Stanley, State of New York
Elayne Starkey, State of Delaware
Srini Subramanian, Deloitte Consulting LLP
Kathleen Synstegaard, Datacard
Herb Thomas Thompson, State of Wisconsin
Lisa Thompson, NASCIO
Carlos Valarezo, Symantec
Marcos Vieyra, State of South Carolina
Meredith Ward, NASCIO
Kip Welty, Novell Inc.
David Williams, State of West Virginia
Mike Wyatt, Deloitte Consulting LLP
Mr. Chul Yim, FireEye
 

Committee Publications

NASCIO 2014 Cybersecurity Awareness Resource 
Guide NASCIO 2014 Cybersecurity Awareness Resource Guide
September 2014

For the 2014 observance of National Cyber Security Awareness Month, NASCIO has updated its Resource Guide for State Cybersecurity Awareness, Education, and Training Initiatives. The guide includes new information from our state members, who provided examples of state awareness programs and initiatives. This is an additional resource of best-practice information, together with an interactive state map to allow users to drilldown to the actual resources that states have developed or are using to promote cyber awareness. It includes contact information for the CISO, hyperlinks to state security and security awareness pages, and information describing cybersecurity awareness, training, and education initiatives.

 
The Resource Guide is a modifiable work that should provide a valuable reference resource for Cyber Security Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.

Capitals in the Clouds Part VI: Cloud 
Procurement: From Solicitation to Signing
Capitals in the Clouds Part VI: Cloud Procurement: From Solicitation to Signing
April 2014

As first reported in the NASCIO/TechAmerica/Grant Thornton 2013 State CIO Survey, The Enterprise Imperative: Leading Through Governance, Portfolio Management, and Collaboration, states continue to turn to cloud solutions, with services such as email and storage remaining the most popular. 74% of respondents said that their state has some applications in the cloud. For several years now, the NASCIO has discussed the transition in the state information technology environment as state CIOs sought new approaches to traditional delivery models. The recession prompted state leaders to examine new approaches and leverage technology opportunities. The use of cloud services by state government is the most obvious manifestation of this transition. In 2011, NASCIO launched its Capitals in the Clouds series on this topic. Three years later, states continue to investigate and to leverage cloud solutions, software as a service (SaaS) and infrastructure as a service, with services such as email and data storage remaining the most popular.


NASCIO Cybersecurity Awareness Resource Guide NASCIO Cybersecurity Awareness Resource Guide
September 2013

For the 2013 observance of National Cyber Security Awareness Month, NASCIO has updated its Resource Guide for State Cybersecurity Awareness, Education, and Training Initiatives. The guide includes new information from our state members, who provided examples of state awareness programs and initiatives. This is an additional resource of best-practice information, together with an interactive state map to allow users to drilldown to the actual resources that states have developed or are using to promote cyber awareness. It includes contact information for the CISO, hyperlinks to state security and security awareness pages, and information describing cybersecurity awareness, training, and education initiatives.

The Resource Guide is a work-in-progress that should provide a valuable reference resource for Cyber Security Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.


.

Taking the Lead: Green IT in the States Newsbrief Subscriptions National Information Exchange Model