NEWS ROOM | Press Releases
For immediate release: September 10, 2008
Contact: Shawn Karrick
NASCIO Brief Emphasizes Critical Requirements for Protection of Government Data
The National Association of State Chief Information Officers (NASCIO) is pleased to announce the release of its issue brief "Protecting the Realm: Confronting the Realities of State Data at Risk." The brief, a product of NASCIO's Security & Privacy Committee, may be found online at www.nascio.org/publications.
"Protecting the Realm" underlines the criticality of managing states' digital assets and identifies key, high-level elements for establishing better data security programs within states. The brief covers data ownership and governance issues, recommends grounding data protection efforts in states' enterprise architecture frameworks, and outlines nine primary elements that a comprehensive data protection program must incorporate or address. It describes data classification frameworks that have been developed in both state and federal agencies, and includes summaries of operational data classification and security initiatives in the states of Ohio, Arkansas, and Iowa.
"The sheer volume of data breaches reported is ample evidence that public agencies need to do a better job protecting personal information about citizens," said Nebraska CIO and committee co-chair Brenda Decker. "There is a limit to how much state business we can conduct electronically unless the mechanics for protecting that data are in place, operating, and trusted."
"Whether we're hearing more about data breaches because there are more of them or because incident reporting is better is frequently debated," Mike Locatis, Colorado CIO and committee co-chair added, "but the fact is, we know how quickly the volume of data increases and that managing it effectively is under-addressed. The value of the brief for me is that it not only describes what to do, it tells where to start. And probably most helpfully, it describes programs where efforts are already underway."
NASCIO is the premier network and resource for state CIOs and an effective advocate for technology policies at all levels of government. State members are senior officials from any of the three branches of state government who have executive-level and statewide responsibility for information resource management. Representatives from federal, municipal, and international governments and other state officials participate in the organization as associate members. Private-sector firms and non-profit organizations may join as corporate members.
###
For information regarding this brief or NASCIO's Security & Privacy Committee, please contact Charles Robb, NASCIO Senior Policy Analyst, at (859) 514-9209 or CRobb@AMRms.com; or contact Shawn Karrick, NASCIO Membership and Communications Coordinator, at (859) 514-9156 or skarrick@amrms.com.
AMR Management Services provides NASCIO's executive staff. For more information about AMR visit www.AMRms.com.
