NASCIO Resources

IT Security Awareness and Training: Changing the Culture of State Government

  • August 2007
  • Number of views: 5508
IT Security Awareness and Training: Changing the Culture of State Government
Most state government employees use technology to do their daily work, yet they may not realize the dramatic consequences that can flow from one mistake. As data breaches and security incidents that originate from within state government appear to be on the rise, cultural change is needed. All state employees need to understand that IT security is everyone’s job and understand how to use the state’s IT resources in a way that does not create the risk of a security incident. NASCIO’s Research Brief, "IT Security Awareness and Training: Changing the Culture of State Government" , highlights awareness and training activities that State CIOs can implement to avoid internal threats that can lead to a full-on state government crisis. To assist CIOs in pursuing these efforts, this brief includes many examples of awareness and training activities that are currently taking place with the states. This brief is a product of NASCIO’s Information Security and Privacy Committee.

Insider Security Threats: State CIOs Take Action Now!

  • April 2007
  • Number of views: 5844
Insider Security Threats: State CIOs Take Action Now!
This brief examines the often overlooked threats from within. Media attention has focused primarily on external threats with federal government and industry reports revealing alarming hacking and identity theft statistics. However, threats from within both public and private sector organizations may be even more prevalent than external threats and can have equally if not more serious consequences.

State CIO Top Ten Policy and Technology Priorities for 2007

  • November 2006
  • Number of views: 6607
State CIO Top Ten Policy and Technology Priorities for 2007
Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The CIOs top ten priorities are identified and used as input to NASCIO's programs, planning for conference sessions, and publications.

A Current View of the State CISO: A National Survey Assessment

  • September 2006
  • Number of views: 6692
A Current View of the State CISO: A National Survey Assessment
These aggregate survey results reflect a snapshot of the state CISO role as of summer 2006. The survey results indicate that the state CISO position has become highly prevalent and is evolving into a state IT security policy and strategy leader. The survey was conducted during the preparation of NASCIO's July 2006 Research Brief entitled Born of Necessity: The CISO Evolution-Bringing the Technical and the Policy Together.

Born of Necessity: The CISO Evolution--Bringing the Technical and the Policy Together

  • July 2006
  • Number of views: 4783
Born of Necessity: The CISO Evolution--Bringing the Technical and the Policy Together
This brief examines the role of the state Chief Information Security Officer (CISO) as it has evolved in response to the growing complexities of the IT threat environment, homeland security concerns, and the increasing demands for enhanced citizen services. Specific points this brief addresses include critical success factors for state CISOs, the importance of a CISO’s relationship-building across the state and among levels of government, and a few predictions on the future evolution of the state CISO.

The IT Security Business Case: Sustainable Funding to Manage the Risks

  • May 2006
  • Number of views: 6076
The IT Security Business Case: Sustainable Funding to Manage the Risks
This brief takes a holistic approach to constructing the case for enterprise IT security investment by outlining for the state CIOs the following steps: 

  • Understanding state government’s IT environment that drives the need for security 
  • Starting with an enterprise-wide IT risk assessment 
  • Making the case for IT security through demonstrating the risks (bolstered by the IT risk assessment results), the benefits of security, and how security aligns with the state’s business needs.

Findings from NASCIO’s Cybersecurity Survey

  • January 2006
  • Number of views: 14714
Findings from NASCIO’s Cybersecurity Survey
Findings from NASCIO’s Cybersecurity Survey

The Real Phantom Menace: Spyware and its State Implications

  • January 2005
  • Number of views: 5220
The Real Phantom Menace: Spyware and its State Implications
This brief addresses the security, privacy, citizen trust and business process-related implications of spyware and other forms of malware for state government IT systems and suggests some potential technical, legal and awareness-raising solutions for the menace of malware.
RSS
123456

Resources By Category

Categories

Resources By Date

Archive