Email This Page     |     Print This Page     |    

Comments?     |     Share This Link

NEWS ROOM   |   Press Releases

For immediate release: April 18, 2007
Contact: Shawn Karrick

NASCIO Releases Insider Security Threats: State CIOs Take Action Now!

(Lexington, KY) - The National Association of State Chief Information Officers (NASCIO), which represents the chief information officers (CIOs) of the states, released "Insider Security Threats: State CIOs Take Action Now!" It is available at: www.nascio.org/publications.

This brief examines the often overlooked threats from within. Media attention has focused primarily on external threats with federal government and industry reports revealing alarming hacking and identity theft statistics. However, threats from within both public and private sector organizations may be even more prevalent than external threats and can have equally if not more serious consequences.

This brief discusses five significant insider threats and provides insight on ways to prevent, detect and respond to them. The threats are as follows:

• Malicious Employees
• Inattentive, Complacent or Untrained Employees
• Contractors and Outsourced Services
• Insufficient IT Security Compliance, Oversight, Authority and Training
• Pervasive Computing-Technology is Everywhere and Data is on the Move

"While technology has allowed state government employees to work-on-the-go and online citizen services are available around the clock, these advances have contributed to greater opportunities for security breaches. In many instances, these risks are the consequences of technological convenience afforded to those inside state government," said Brenda Decker, Chief Information Officer for the State of Nebraska and NASCIO Security and Privacy Committee Co-Chair.

"State managers and employees have a greater responsibility than ever to protect state technology resources and minimize the insider threat. It's everyone's job," said Thomas Jarrett, Chief Information Officer for the State of Delaware and NASCIO Security and Privacy Committee Co-Chair. "This brief highlights ways that the State CIOs can foster a culture of security that is consistent across the state enterprise."

NASCIO is the premiere network and resource for state CIOs and an effective advocate for technology policy at all levels of government. NASCIO represents state chief information officers and information resource executives and managers from the 50 states, six U.S. territories, and the District of Columbia. State members are senior officials from any of the three branches of state government who have executive-level and statewide responsibility for information resource management. Representatives from federal, municipal, and international governments and state officials who are involved in information resource management but do not have chief responsibility for that function participate in the organization as associate members. Private-sector firms and non-profit organizations may join as corporate members.

# # #

For more information from NASCIO, please contact Mary Gay Whitmer, NASCIO Senior Issues Coordinator, at (859) 514-9209 or mwhitmer@AMRms.com. AMR Management Services provides NASCIO's executive staff. For more information about AMR visit http://www.AMRms.com.