NASCIO Resources

Better Data Security Through Classification: A Game Plan for Smart Cybersecurity Investments

  • April 2017
  • Number of views: 5529
Better Data Security Through Classification: A Game Plan for Smart Cybersecurity Investments
The brief, a joint project between NASCIO’s Cybersecurity Committee and Data Protection Working Group, explains why a risk based cybersecurity approach is the most beneficial to state government data. When states take a risk based approach they improve operational efficiency, assessments are more accurate, attack surfaces are reduced and decision making is improved. As the brief states, taking an enterprise mentality brings together previously silo-based security and IT tools and allows for ongoing and continuous data monitoring and assessing.

State Governments at Risk: Turning Strategy and Awareness into Progress (webinar)

  • December 2016
  • Number of views: 8016
State Governments at Risk: Turning Strategy and Awareness into Progress (webinar)
The 2016 Cybersecurity Survey; 'State Governments at Risk: Turning Strategy and Awareness into Progress', reports findings and analysis of a comprehensive survey of State Chief Information Security Officers (CISOs) conducted by NASCIO in partnership with Deloitte. The results of the 2016 Deloitte-NASCIO Cybersecurity Study highlights the fact that challenges still exist, but cybersecurity is becoming part of the fabric of government operations.

State CIO Top Ten Policy and Technology Priorities for 2017

  • November 2016
  • Number of views: 52258
State CIO Top Ten Policy and Technology Priorities for 2017

NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The CIOs top ten priorities are identified and used as input to NASCIO's programs, planning for conference sessions, and publications.

State Cybersecurity Resource Guide

  • October 2016
  • Number of views: 7976
State Cybersecurity Resource Guide

The National Association of State Chief Information Officers (NASCIO) supports National Cybersecurity
Awareness Month, now in its 13th year. State CIOs and the programs they administer have supported
cybersecurity awareness month from its inception, and states address IT security and privacy awareness,
education, and training on a year-round basis.

For the 2016 observance, NASCIO has updated its Resource Guide for State Cybersecurity Awareness, Education, and Training Initiatives. This guide includes:

  • Updated information on state awareness programs, initiatives and best-practice information;
  • Contact information for state chief information security officers (CISOs);
  • Hyperlinks to state security and security awareness pages; and
  • Information describing cybersecurity awareness, training, and education initiatives.

The Resource Guide is a working document that should prove a valuable resource for Cybersecurity Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.

Top Ten Talks: Security and Risk Management (video)

  • September 2016
  • Number of views: 2747
Top Ten Talks: Security and Risk Management (video)
Top Ten Talks session at the NASCIO 2016 Annual Conference in Orlando, FL.

Speaker has just 5 minutes to deliver a focused talk on one of the CIO Top Ten Priorities.

2016 Deloitte-NASCIO Cybersecurity Study - State Governments at Risk: Turning Strategy and Awareness into Progress

  • September 2016
  • Number of views: 40728
2016 Deloitte-NASCIO Cybersecurity Study - State Governments at Risk: Turning Strategy and Awareness into Progress

This study reports findings and analysis of a comprehensive survey of State Chief Information Security Officers (CISOs) conducted by NASCIO in partnership with Deloitte. The results of the 2016 Deloitte-NASCIO Cybersecurity Study confirm the growing importance of cybersecurity for states.

NASCIO Staff Contact: Meredith Ward, Senior Policy Analyst (mward@NASCIO.org)

Value and Vulnerability: The Internet of Things in a Connected State Government

  • June 2016
  • Number of views: 18140
Value and Vulnerability: The Internet of Things in a Connected State Government
States are finding that the “Internet of Things” (IoT) can improve efficiency, reduce waste and connect citizens to state services in faster and more affordable ways. But with that value comes vulnerability. States must consider security, privacy, accessibility and standardization when crafting a roadmap for IoT. This policy brief describes ways that states are currently implementing IoT, possibilities for the coming years, and recommendations on avoiding difficulties along the way.

Advanced Cyber Analytics

  • April 2016
  • Number of views: 14930
Advanced Cyber Analytics
This report examines the subject of advanced cyber analytics.  It makes the case for states to invest in such capabilities and maintain ongoing maturity in advanced analytics.  All organizations, including state government must also develop and maintain response capabilities that continuously mature in sophistication in order to keep pace with an ever changing threat landscape. State government remains in a defensive position.  With the advent of multi-vector strategies by cyber criminals, state government now more than ever needs the ability to correlate disparate data sources generated from the myriad of security tools agencies have already invested in.  Examples of advanced analytics tools are provided.  The report includes a call to action list, a checklist, key questions, and recommendations.

Cyber Disruption Response Planning Guide

  • April 2016
  • Number of views: 22163
Cyber Disruption Response Planning Guide

State government must now view cyber attacks that are more than cyber incidents.  We must prepare for larger magnitude events.  These can be termed cyber disruptions, disasters or even catastrophes.  This publication includes the following:

  • A call to action for states to develop state cyber disruption response plans that include: a governance structure that clearly designates who is in charge in a given event or phase of an event; development of a risk profile for state assets; collaboration among the various agencies that have cyber responsibility; and a communication plan to ensure the right people have the right information as early as possible so they can response effectively.
  • A checklist for states to work with in developing progress toward a cyber disruption response operating discipline.
  • A cross functional process description that can be used as a starting point for states to develop their own unique cross functional process for orchestrated planning and response at various threat levels.

State CIO Top Ten Policy and Technology Priorities for 2016

  • November 2015
  • Number of views: 27428
State CIO Top Ten Policy and Technology Priorities for 2016
Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The CIOs top ten priorities are identified and used as input to NASCIO's programs, planning for conference sessions, and publications.
RSS
12345678

Resources By Category

Categories

Resources By Date

Archive