NASCIO Publications

State CIO Top Ten Policy and Technology Priorities for 2010

  • 15 November 2009
  • Author: Mike Cooke
  • Number of views: 9087
  • 0 Comments
State CIO Top Ten Policy and Technology Priorities for 2010
Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The CIOs top ten priorities are identified and used as input to NASCIO's programs, planning for conference sessions, and publications.

Resource Guide for State Cyber Security Awareness, Education, and Training Initiatives

  • 16 September 2009
  • Author: Mike Cooke
  • Number of views: 7240
  • 0 Comments
Resource Guide for State Cyber Security Awareness, Education, and Training Initiatives
For the observance of the sixth annual National Cyber Security Awareness Month, NASCIO has created a Resource Guide of examples of state awareness programs and initiatives. The compendium augments previously gathered information with data from a just-completed, short survey of state CISOs. It includes links to state security awareness pages, contact information for state CISOs, and information describing cyber security awareness, training, and education initiatives that target four categories: Executives/Elected Officials; Citizens; State Workers; and IT Security Personnel.

The Resource Guide is a work-in-progress that should provide a valuable reference resource for Cyber Security Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.

Security at the Edge — Protecting Mobile Computing Devices

  • 8 July 2009
  • Author: Mike Cooke
  • Number of views: 18951
  • 0 Comments
Security at the Edge — Protecting Mobile Computing Devices
The business of government is increasingly conducted or supported by mobile computing devices as states adopt these tools to un-tether traditional office workers from their desks or employ them for a wide variety of purposes in the field. Use of mobile devices is so widespread that it is difficult to imagine how state governments can operate without them, given their increased computing power and the ease with which they may be integrated with state networks and databases via the Internet. At the same time, however, mobile devices are unusually vulnerable to loss, theft, mis-use, or misconfiguration, which can and does lead to the loss of sensitive data. Security at the Edge highlights the risks associated with uncontrolled use of mobile devices, and targets the standards and procedural controls that allow state CIOs to better secure them.

Desperately Seeking Security Frameworks – A Roadmap for State CIOs

  • 25 March 2009
  • Author: Mike Cooke
  • Number of views: 18502
  • 0 Comments
Desperately Seeking Security Frameworks – A Roadmap for State CIOs
State CIOs, chief security officers, and the IT security professionals who work with them face a challenging and sometimes confusing array of security frameworks – these may be pushed down by Federal agencies, issued by national or international standards bodies, promoted by industry as best practice, or in some instances, be written into law or federal regulation. Desperately Seeking Security Frameworks provides an overview of the primary security standards, regulations, and laws that impact state IT security programs, highlights how states have used the frameworks to shape their security architectures, policies, standards, and controls, and identifies the key issues for CIOs as they establish and maintain IT security programs.

State CIO Top Ten Policy and Technology Priorities for 2009

  • 3 November 2008
  • Author: Meghan Penning
  • Number of views: 8487
  • 0 Comments
State CIO Top Ten Policy and Technology Priorities for 2009
Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The CIOs top ten priorities are identified and used as input to NASCIO's programs, planning for conference sessions, and publications.

Protecting the Realm: Confronting the Realities of State Data at Risk

  • 10 September 2008
  • Author: Mike Cooke
  • Number of views: 7795
  • 0 Comments
Protecting the Realm: Confronting the Realities of State Data at Risk
This brief underlines the criticality of managing states’ digital assets and identifies key, high-level elements for establishing better data security programs within states. The brief covers data ownership and governance issues, recommends grounding data protection efforts in states’ enterprise architecture frameworks, and outlines nine primary elements that a comprehensive data protection program must incorporate or address. It describes data classification frameworks that have been developed in both state and federal agencies, and includes summaries of operational data classification and security initiatives in the states of Ohio, Arkansas, and Iowa.

State CIO Top Ten Policy and Technology Priorities for 2008

  • 5 November 2007
  • Author: Meghan Penning
  • Number of views: 8809
  • 0 Comments
State CIO Top Ten Policy and Technology Priorities for 2008
Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The CIOs top ten priorities are identified and used as input to NASCIO's programs, planning for conference sessions, and publications.

IT Security Awareness and Training: Changing the Culture of State Government

  • 22 August 2007
  • Author: Mike Cooke
  • Number of views: 7143
  • 0 Comments
IT Security Awareness and Training: Changing the Culture of State Government
Most state government employees use technology to do their daily work, yet they may not realize the dramatic consequences that can flow from one mistake. As data breaches and security incidents that originate from within state government appear to be on the rise, cultural change is needed. All state employees need to understand that IT security is everyone’s job and understand how to use the state’s IT resources in a way that does not create the risk of a security incident. NASCIO’s Research Brief, "IT Security Awareness and Training: Changing the Culture of State Government" , highlights awareness and training activities that State CIOs can implement to avoid internal threats that can lead to a full-on state government crisis. To assist CIOs in pursuing these efforts, this brief includes many examples of awareness and training activities that are currently taking place with the states. This brief is a product of NASCIO’s Information Security and Privacy Committee.

Insider Security Threats: State CIOs Take Action Now!

  • 18 April 2007
  • Author: Mike Cooke
  • Number of views: 7539
  • 0 Comments
Insider Security Threats: State CIOs Take Action Now!
This brief examines the often overlooked threats from within. Media attention has focused primarily on external threats with federal government and industry reports revealing alarming hacking and identity theft statistics. However, threats from within both public and private sector organizations may be even more prevalent than external threats and can have equally if not more serious consequences.

State CIO Top Ten Policy and Technology Priorities for 2007

  • 6 November 2006
  • Author: Meghan Penning
  • Number of views: 8298
  • 0 Comments
State CIO Top Ten Policy and Technology Priorities for 2007
Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The CIOs top ten priorities are identified and used as input to NASCIO's programs, planning for conference sessions, and publications.
RSS
12345678

Publications By Category

Publications By Date