NASCIO Resources

Better Data Security Through Classification: A Game Plan for Smart Cybersecurity Investments

  • April 2017
  • Number of views: 1703
Better Data Security Through Classification: A Game Plan for Smart Cybersecurity Investments
The brief, a joint project between NASCIO’s Cybersecurity Committee and Data Protection Working Group, explains why a risk based cybersecurity approach is the most beneficial to state government data. When states take a risk based approach they improve operational efficiency, assessments are more accurate, attack surfaces are reduced and decision making is improved. As the brief states, taking an enterprise mentality brings together previously silo-based security and IT tools and allows for ongoing and continuous data monitoring and assessing.

State of Washington: Privacy Modeling Demo (webinar)

  • March 2017
  • Number of views: 1937
State of Washington: Privacy Modeling Demo (webinar)
Government is using more data than ever in rendering services to citizens, yet government has few tools to enforce privacy rules or considerations and can’t simply hire enough to meet the demand for expertise. After consulting with academic and legal experts form the privacy community in Seattle, the state's Chief Privacy Officer, Alex Alben, retained a software firm to create a web application which  returns relevant search requests based on the intended use of personal information in a product or service.

State Governments at Risk: Turning Strategy and Awareness into Progress (webinar)

  • December 2016
  • Number of views: 3266
State Governments at Risk: Turning Strategy and Awareness into Progress (webinar)
The 2016 Cybersecurity Survey; 'State Governments at Risk: Turning Strategy and Awareness into Progress', reports findings and analysis of a comprehensive survey of State Chief Information Security Officers (CISOs) conducted by NASCIO in partnership with Deloitte. The results of the 2016 Deloitte-NASCIO Cybersecurity Study highlights the fact that challenges still exist, but cybersecurity is becoming part of the fabric of government operations.

Value and Vulnerability: The Internet of Things in a Connected State Government

  • June 2016
  • Number of views: 12010
Value and Vulnerability: The Internet of Things in a Connected State Government
States are finding that the “Internet of Things” (IoT) can improve efficiency, reduce waste and connect citizens to state services in faster and more affordable ways. But with that value comes vulnerability. States must consider security, privacy, accessibility and standardization when crafting a roadmap for IoT. This policy brief describes ways that states are currently implementing IoT, possibilities for the coming years, and recommendations on avoiding difficulties along the way.

Unmanned Aerial Systems, Governance and State CIOs: On the Radar

  • May 2015
  • Number of views: 14207
Unmanned Aerial Systems, Governance and State CIOs: On the Radar
State governments are turning to unmanned aerial systems (UAS) for a variety of applications. This brief lays out important public policy issues when it comes to state CIO governance of UAS.

Capitals in the Clouds Part III – Recommendations for Mitigating Risks: Jurisdictional, Contracting and Service Levels

  • December 2011
  • Number of views: 7878
Capitals in the Clouds Part III – Recommendations for Mitigating Risks: Jurisdictional, Contracting and Service Levels

Cloud computing will continue to be an invaluable resource for state and local governments in their efforts to rationalize and optimize computing resources. Cloud computing should be seen as an IT innovation that can support rationalization and optimization of business services as well as IT services. Due diligence prescribes the necessity of exploring and evaluating jurisdictional issues in order to ensure long term sustainability and growing adoption of collaborative government operations in state and local government.

Capitals in the Clouds - The Case for Cloud Computing in State Government Part II: Challenges and Opportunities to Get Your Data Right

  • October 2011
  • Number of views: 4490
Capitals in the Clouds - The Case for Cloud Computing in State Government Part II: Challenges and Opportunities to Get Your Data Right
Cloud computing brings with it opportunities, issues and risks. One major consideration that must be addressed is the management of data – governance, stewardship, consistency, ownership and security. Data is the lifeblood of state government operations and critical for service delivery. With the fiscal stress and operational pressures that are driving state and local governments toward serious consideration and adoption of cloud computing, the data must not be ignored. These pressures must be managed intelligently to avoid pushing government into a future situation that could constitute greater cost, and more difficulty in achieving interoperability of government lines of business and government jurisdictions.

Capitals in the Clouds - The Case for Cloud Computing in State Government Part I: Definitions and Principles

  • June 2011
  • Number of views: 4828
Capitals in the Clouds - The Case for Cloud Computing in State Government Part I: Definitions and Principles
Cloud computing has arrived as a serious alternative for state government. There are outstanding issues that must be faced and dealt with in order to maintain the reliability, responsibility, security, privacy, and citizen-confidence in government services. Government is exploring technology and business process innovations that will make the way for government to deliver existing services more economically. Cloud computing provides a number capabilities that have the potential for enabling such innovation.

Resource Guide for State Cyber Security Awareness, Education, and Training Initiatives

  • September 2009
  • Number of views: 3885
Resource Guide for State Cyber Security Awareness, Education, and Training Initiatives
For the observance of the sixth annual National Cyber Security Awareness Month, NASCIO has created a Resource Guide of examples of state awareness programs and initiatives. The compendium augments previously gathered information with data from a just-completed, short survey of state CISOs. It includes links to state security awareness pages, contact information for state CISOs, and information describing cyber security awareness, training, and education initiatives that target four categories: Executives/Elected Officials; Citizens; State Workers; and IT Security Personnel.

The Resource Guide is a work-in-progress that should provide a valuable reference resource for Cyber Security Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.

Protecting the Realm: Confronting the Realities of State Data at Risk

  • September 2008
  • Number of views: 4430
Protecting the Realm: Confronting the Realities of State Data at Risk
This brief underlines the criticality of managing states’ digital assets and identifies key, high-level elements for establishing better data security programs within states. The brief covers data ownership and governance issues, recommends grounding data protection efforts in states’ enterprise architecture frameworks, and outlines nine primary elements that a comprehensive data protection program must incorporate or address. It describes data classification frameworks that have been developed in both state and federal agencies, and includes summaries of operational data classification and security initiatives in the states of Ohio, Arkansas, and Iowa.
RSS
12

Resources By Category

Categories

Resources By Date

Archive