Maryland - Gaylord National Harbor, May 5-8, 2019
Nashville, TN - JW Marriott , October 13-16, 2019
This study reports findings and analysis of a comprehensive survey of State Chief Information Security Officers (CISOs) conducted by NASCIO in partnership with Deloitte. The results of the 2014 Deloitte-NASCIO Cybersecurity Study confirm the growing importance of cybersecurity for states.
NASCIO Staff Contact: Meredith Ward, Senior Policy Analyst (mward@NASCIO.org)
NASCIO, TechAmerica, and Grant Thornton LLP have collaborated for a fourth year on the annual survey of state government IT leaders. The 2013 survey report, The Enterprise Imperative, offers the latest insights from State CIOs and concludes these leaders are emphasizing effective enterprise governance models, adopting business disciplines, and forging the right relationships for collaboration. The 2012 survey – Advancing the C4 Agenda – focused on the balancing act that CIOs must maintain both in providing high-quality services and in delivering new, innovative solutions. These demands have not decreased over the past year. CIOs are responding by focusing on the enterprise, and by coordinating across boundaries. The enterprise focus may involve integrating governance and portfolio management across the state, improving the effectiveness of IT procurement, or deploying statewide identity and access management solutions.
The issue brief focuses on state use of social media, specifically on state social media participation policies ("SMPP's"). NASCIO's Legal Advisory Working Group took a look at 31 SMPPs, which focus specifically on guidance/policy given to state employees regarding their participation in social media.
States have come a long way in the past few years, with the majority implementing social media policies or working towards one. However, some of the gaps found have the potential to open up states to some severe heartburn: including employee discontent, management concerns, public perception and liability.
The issue brief also addresses the inclusion of clauses on confidentiality, ethical conduct, security and privacy, and transparency in SMPP's.
This study reports findings and analysis of a comprehensive survey of State Chief Information Security Officers conducted by NASCIO in partnership with Deloitte in July and August of 2012. Both a repeat and extension of a Deloitte-NASCIO survey originally conducted in 2010, it documents the relative strengths and weaknesses of the security programs that protect state governments' vital systems and data. The study identifies areas of concern expressed by state CISOs, and provides a call to action for state CIOs and policy officials on the critical need to support and enhance cybersecurity programs.
For the 2012 observance of National Cyber Security Awareness Month, NASCIO has updated its Resource Guide for State Cyber Security Awareness, Education, and Training Initiatives. The guide includes new information from our state members, who provided examples of state awareness programs and initiatives. This is an additional resource of best-practice information, together with an interactive state map to allow users to drilldown to the actual resources that states have developed or are using to promote cyber awareness. It includes contact information for the CISO, hyperlinks to state security and security awareness pages, and information describing cyber security awareness, training, and education initiatives.