The National Association of State Chief Information Officers (NASCIO) today released Better Data Security Through Classification: A Game Plan for Smart Cybersecurity Investments. The brief, a joint project between NASCIO’s Cybersecurity Committee and Data Protection Working Group, explains why a risk based cybersecurity approach is the most beneficial to state government data. When states take a risk based approach they improve operational efficiency, assessments are more accurate, attack surfaces are reduced and decision making is improved. As the brief states, taking an enterprise mentality brings together previously silo-based security and IT tools and allows for ongoing and continuous data monitoring and assessing. 

Data is critical to state government and why state chief information officers (CIOs) ranked data management and analytics-e.g. data governance; data architecture; strategy; business intelligence; predictive analytics; big data; roles and responsibilities-as a top priority for 2017 (www.nascio.org/topten). Additionally, in the 2016 State CIO Survey, 42% of state CIOs characterized data governance as high on their strategic and operational plan.

“A risk-based approach to cybersecurity is ideal for state governments because it enables incremental and measurable improvement. Data classification is a critical step in the process of understanding the critical data we protect,” said Mark Raymond, NASCIO President and CIO of the State of Connecticut. 

Today, it is not uncommon for the true and core value of a state to reside in its data assets, specifically the information it collects, develops, and stores, and in the products it develops and sells that are comprised of the data, or derived from the data. We live in the information age. Information is the fuel for the engine that propels virtually every decision that is made in business today. Once data is classified, there are additional steps that can and should be taken to realize all the benefits of classification, so this guide is intended to provide a path into what can become a “life-cycle” type of exercise, repeating at periodic intervals on into the future, rather than a project that becomes final, or “completed.” Systems and system data continue to change, so classification of the data must be updated in order to remain accurate and useful.

Read the brief at www.nascio.org/publications.

State Chief Information Officer (CIO) David Cagigal is making a difference for Wisconsin by leading enterprise collaboration to align the state’s technology investment strategies with the top policy priorities of the Governor and Legislature.

Over the next two weeks, the National Association of State Chief Information Officers will feature the work and accomplishments of Cagigal and the Department of Enterprise Technology (DET) in the State CIOs Make a Difference campaign. Wisconsin’s profile will specifically highlight the many ways in which Adaptive Leadership and collaboration are moving the state forward to achieve common goals and optimize the citizen experience with state government.

“In Wisconsin, we now view enterprise collaboration as our everyday way of doing business,” said Cagigal, “It has guided our data center consolidation efforts, our recent enterprise resource planning (ERP) implementation, our cybersecurity strategies, and our e-government program, just to cite a few examples. I firmly believe in the potential of enterprise collaboration to keep us moving forward.”

Learn more about Wisconsin’s on the campaign website,  www.NASCIO.org/CIOsMakeaDifference. Follow @NASCIO and #StateCIOsRock on Twitter for campaign highlights and updates.