San Diego, CA Hilton San Diego Bayfront, October 21-24, 2018
MarylandGaylord National Harbor, May 05-08, 2019
This study reports findings and analysis of a comprehensive survey of State Chief Information Security Officers (CISOs) conducted by NASCIO in partnership with Deloitte. The results of the 2014 Deloitte-NASCIO Cybersecurity Study confirm the growing importance of cybersecurity for states.
NASCIO Staff Contact: Meredith Ward, Senior Policy Analyst (mward@NASCIO.org)
NASCIO, TechAmerica, and Grant Thornton LLP have collaborated for a fourth year on the annual survey of state government IT leaders. The 2013 survey report, The Enterprise Imperative, offers the latest insights from State CIOs and concludes these leaders are emphasizing effective enterprise governance models, adopting business disciplines, and forging the right relationships for collaboration. The 2012 survey – Advancing the C4 Agenda – focused on the balancing act that CIOs must maintain both in providing high-quality services and in delivering new, innovative solutions. These demands have not decreased over the past year. CIOs are responding by focusing on the enterprise, and by coordinating across boundaries. The enterprise focus may involve integrating governance and portfolio management across the state, improving the effectiveness of IT procurement, or deploying statewide identity and access management solutions.
The issue brief focuses on state use of social media, specifically on state social media participation policies ("SMPP's"). NASCIO's Legal Advisory Working Group took a look at 31 SMPPs, which focus specifically on guidance/policy given to state employees regarding their participation in social media.
States have come a long way in the past few years, with the majority implementing social media policies or working towards one. However, some of the gaps found have the potential to open up states to some severe heartburn: including employee discontent, management concerns, public perception and liability.
The issue brief also addresses the inclusion of clauses on confidentiality, ethical conduct, security and privacy, and transparency in SMPP's.
This study reports findings and analysis of a comprehensive survey of State Chief Information Security Officers conducted by NASCIO in partnership with Deloitte in July and August of 2012. Both a repeat and extension of a Deloitte-NASCIO survey originally conducted in 2010, it documents the relative strengths and weaknesses of the security programs that protect state governments' vital systems and data. The study identifies areas of concern expressed by state CISOs, and provides a call to action for state CIOs and policy officials on the critical need to support and enhance cybersecurity programs.
For the 2012 observance of National Cyber Security Awareness Month, NASCIO has updated its Resource Guide for State Cyber Security Awareness, Education, and Training Initiatives. The guide includes new information from our state members, who provided examples of state awareness programs and initiatives. This is an additional resource of best-practice information, together with an interactive state map to allow users to drilldown to the actual resources that states have developed or are using to promote cyber awareness. It includes contact information for the CISO, hyperlinks to state security and security awareness pages, and information describing cyber security awareness, training, and education initiatives.
The NASCIO Enterprise Architecture program was developed to enable the mission of state and local government. Government must continually reinvent itself to remain relevant by effectively and efficiently providing services to the citizens of this country. The path to this continual transformation must embrace leadership, management, coordination, communication and technology throughout government. Enterprise architecture is the discipline to appropriately define and leverage these capabilities within the complexities of government.
Funding to support the NASCIO EA Program and information sharing initiative is provided by a grant from the U.S. Department of Justice, the Bureau of Justice Assistance, Office of Justice Programs.
The enhancements in the third version of the Tool-Kit result from the expertise and continued dedication of enterprise architecture practitioners from all levels of government and the private sector. Version 3.0 incorporates an updated governance architecture framework with added roles and responsibilities and a focus on multi-level communication. Process models with explanatory narrative are included for governance and the architecture lifecycle. The Tool-Kit also includes fully populated security domain and application domain blueprints.