NASCIO Resources

NASCIO 2014 Cybersecurity Awareness Resource Guide

  • September 2014
  • Number of views: 8089
NASCIO 2014 Cybersecurity Awareness Resource Guide
For the 2014 observance of National Cyber Security Awareness Month, NASCIO has updated its Resource Guide for State Cybersecurity Awareness, Education, and Training Initiatives. The guide includes new information from our state members, who provided examples of state awareness programs and initiatives. This is an additional resource of best-practice information, together with an interactive state map to allow users to drilldown to the actual resources that states have developed or are using to promote cyber awareness. It includes contact information for the CISO, hyperlinks to state security and security awareness pages, and information describing cybersecurity awareness, training, and education initiatives.

The Resource Guide is a modifiable work that should provide a valuable reference resource for Cyber Security Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.

Capitals in the Clouds Part VI: Cloud Procurement: From Solicitation to Signing

  • April 2014
  • Number of views: 8703
Capitals in the Clouds Part VI: Cloud Procurement: From Solicitation to Signing
As first reported in the NASCIO/TechAmerica/Grant Thornton 2013 State CIO Survey, The Enterprise Imperative: Leading Through Governance, Portfolio Management, and Collaboration, states continue to turn to cloud solutions, with services such as email and storage remaining the most popular. 74% of respondents said that their state has some applications in the cloud. For several years now, the NASCIO has discussed the transition in the state information technology environment as state CIOs sought new approaches to traditional delivery models. The recession prompted state leaders to examine new approaches and leverage technology opportunities. The use of cloud services by state government is the most obvious manifestation of this transition. In 2011, NASCIO launched its Capitals in the Clouds series on this topic. Three years later, states continue to investigate and to leverage cloud solutions, software as a service (SaaS) and infrastructure as a service, with services such as email and data storage remaining the most popular.

State CIO Top Ten Policy and Technology Priorities for 2014

  • November 2013
  • Number of views: 9502
State CIO Top Ten Policy and Technology Priorities for 2014
Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The top ten priorities are identified and used as input to NASCIO’s programs, planning for conference sessions, and publications.

NASCIO Cybersecurity Awareness Resource Guide

  • September 2013
  • Number of views: 7805
NASCIO Cybersecurity Awareness Resource Guide

For the 2013 observance of National Cyber Security Awareness Month, NASCIO has updated its Resource Guide for State Cybersecurity Awareness, Education, and Training Initiatives. The guide includes new information from our state members, who provided examples of state awareness programs and initiatives. This is an additional resource of best-practice information, together with an interactive state map to allow users to drilldown to the actual resources that states have developed or are using to promote cyber awareness. It includes contact information for the CISO, hyperlinks to state security and security awareness pages, and information describing cybersecurity awareness, training, and education initiatives.

The Resource Guide is a work-in-progress that should provide a valuable reference resource for Cyber Security Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.

Capitals in the Clouds Part V: Advice from the Trenches on Managing the Risk of Free File Sharing Cloud Services

  • April 2013
  • Number of views: 7264
Capitals in the Clouds Part V: Advice from the Trenches on Managing the Risk of Free File Sharing Cloud Services

Cloud-based file sharing solutions have become very popular and certainly a growing and significant part of day-to-day computing. It is easy to see why these services are attractive to state government users after using them in many facets of their personal life. With a wide variety of choices in the market, these solutions are easy to access, configure and use. They support multiple devices (especially mobile), and data in multiple formats. The most important consideration for state employee users – these file sharing services are free. Since the release of the 2012 NASCIO and Deloitte Cybersecurity Study, more security and policy questions have been raised on the use of free cloud services by states. In addition to the May 2012 Capitals in the Clouds IV guidance on rogue cloud users, states have continued to seek out leading practices on how to put the proper controls in place, meet security standards, craft acceptable use policies, and identify the open records and legal concerns regarding terms of service. This brief helps to provide real experience from Commonwealth of Pennsylvania on free cloud services.

State CIO Top Ten Policy and Technology Priorities for 2013

  • October 2012
  • Number of views: 9115
State CIO Top Ten Policy and Technology Priorities for 2013

Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The top ten priorities are identified and used as input to NASCIO's programs, planning for conference sessions, and publications.

2012 Deloitte-NASCIO Cybersecurity Study State governments at Risk: A Call for Collaboration and Compliance

  • October 2012
  • Number of views: 7807
2012 Deloitte-NASCIO Cybersecurity Study State governments at Risk: A Call for Collaboration and Compliance

This study reports findings and analysis of a comprehensive survey of State Chief Information Security Officers conducted by NASCIO in partnership with Deloitte in July and August of 2012. Both a repeat and extension of a Deloitte-NASCIO survey originally conducted in 2010, it documents the relative strengths and weaknesses of the security programs that protect state governments' vital systems and data. The study identifies areas of concern expressed by state CISOs, and provides a call to action for state CIOs and policy officials on the critical need to support and enhance cybersecurity programs.

NASCIO Cyber Security Awareness Resource Guide

  • October 2012
  • Number of views: 7939
NASCIO Cyber Security Awareness Resource Guide

For the 2012 observance of National Cyber Security Awareness Month, NASCIO has updated its Resource Guide for State Cyber Security Awareness, Education, and Training Initiatives. The guide includes new information from our state members, who provided examples of state awareness programs and initiatives. This is an additional resource of best-practice information, together with an interactive state map to allow users to drilldown to the actual resources that states have developed or are using to promote cyber awareness. It includes contact information for the CISO, hyperlinks to state security and security awareness pages, and information describing cyber security awareness, training, and education initiatives.

The State Identity Credential and Access Management Guidance and Roadmap (SICAM)

  • September 2012
  • Number of views: 18588
The State Identity Credential and Access Management Guidance and Roadmap (SICAM)
The State Identity and Credential Access Management (SICAM) Guidance and Roadmap outline a strategic vision for state-based identity, credential, and access management efforts, and emphasizes the importance of implementing the SICAM architecture and services in support of the challenges associated with trust, interoperability, security, and process improvement. States can, and should, provide a secure, auditable environment for the processing and exchange of information across the entire spectrum of state business. This guidance promotes an enterprise approach and it is essential that state governments take the initiative to ensure the integrity of the data entrusted to them and provide a high level of security and privacy to citizens, customers, and partners.

Capitals in the Clouds Part IV – Cloud Security: On Mission and Means

  • April 2012
  • Number of views: 17782
Capitals in the Clouds Part IV – Cloud Security: On Mission and Means

This brief presents an emphasis on the cultural and organizational aspects of cloud computing. "Cloud services" imply shared services. When agencies come together to share such a resource there will necessarily have to be an evaluation of the variance in security policies in place in the various partner agencies. Engaging external cloud services can be quite risky if such services have not been properly vetted by state security staff. Much education, awareness, and ongoing communication will be required to ensure state government employees are fully aware of the risks of external cloud services. The imperative for states is to stay connected and maintain the dialogue, sharing intentions and solutions, as state government moves forward with adoption of cloud services. Cloud is not the only solution or avenue for sharing resources. When it is the right solution, it must be employed with proper attention to the security aspects of cloud services, particularly with external cloud services.

RSS
12345678

Resources By Category

Categories

Resources By Date

Archive