Password:
For immediate release: August 22, 2007 Contact: Shawn Karrick
NASCIO Brief Highlights Creating Cultural Change in State Government through IT Security Awareness and Training
(Lexington, KY) - The National Association of State Chief Information Officers (NASCIO), which represents the chief information officers (CIOs) of the states, is pleased to announce the release of its research brief "IT Security Awareness and Training: Changing the Culture of State Government". The brief may be found online at www.nascio.org/publications/. This brief is a product of NASCIO's Information Security and Privacy Committee.
Most state government employees use technology to do their daily work, yet they may not realize the dramatic consequences that can flow from one mistake. As data breaches and security incidents that originate from within state government appear to be on the rise, cultural change is needed towards a more security-conscious state workforce. All state employees need to understand that IT security is everyone's job and know how to use the state's IT resources in a way that minimizes security risks.
NASCIO's new Research Brief highlights how IT security awareness and training activities, if conducted on a consistent basis, can instill cultural change within state government. It also discusses the CIO's role in these activities and points out that State CIOs must partner with other state government officials on this journey towards cultural change. Finally, the brief discusses a broader role that State CIOs may pursue by expanding the scope of awareness efforts to include citizens as well as state employees.
"This brief will serve as a useful and practical companion to NASCIO's 'Insider Security Threats: State CIOs Take Action Now!'. This brief, released in April 2007, discussed the fact that IT security threats from within state government are of growing concern and suggested enterprise-wide awareness and training efforts as effective ways to address those threats," said Brenda Decker, CIO, State of Nebraska and Co-Chair of NASCIO's Information Security and Privacy Committee.
"To implement or enhance current awareness and training efforts, State CIOs need examples of what other states are doing in this area. This brief provides numerous examples of other states' awareness and training efforts and serves as a way for State CIOs to share their best practices in order to help all states achieve a heightened culture of IT security," said Thomas Jarrett, CIO, State of Delaware and Co-Chair of NASCIO's Information Security and Privacy Committee.
NASCIO is the premier network and resource for state CIOs and an effective advocate for technology policies at all levels of government. State members are senior officials from any of the three branches of state government who have executive-level and statewide responsibility for information resource management. Representatives from federal, municipal, and international governments and other state officials participate in the organization as associate members. Private-sector firms and non-profit organizations may join as corporate members.
# # # #
Please contact Mary Gay Whitmer, NASCIO Senior Issues Coordinator, at (859) 514-9209 or mwhitmer@amrms.com or NASCIO Membership & Communications Coordinator , Shawn Karrick , at (859) 514-9156 or skarrick@AMRms.com.
AMR Management Services provides NASCIO's executive staff. For more information about AMR visit http://www.AMRms.com/.
