NASCIO Releases Federal Priorities: Cybersecurity, FirstNet, and Collaboration on IT are Essential for States

WASHINGTON, D.C., Thursday, January 23 — The National Association of State Chief Information Officer’s (NASCIO) released its 2014 federal advocacy priorities today. NASCIO’s advocacy goals for 2014 include: collaborating with the federal government on cybersecurity to secure the public sector; building a nationwide public safety broadband network; pushing greater information sharing among government entities; and, implementation of grant guidance reform.

The 2014 Federal Advocacy Priorities are now available https://www.nascio.org/advocacy/current/.

NASCIO’s 2014 advocacy goals are supported by four key issues that must be addressed to succeed in these areas: maturing identity management, building the public sector IT workforce, promoting common data standards, and collaboration on broadband.

“Information Technology is a rapidly evolving field,” explained NASCIO President Craig Orgeron, chief information officer for the state of Mississippi. “While progress was made in 2013 with the release of federal grant guidance reform and a sweeping Executive Order on cybersecurity, there is still a long road ahead. Congress has yet to act on this vital issue, and the Administration must continue to work with state partners to modernize and secure government information technology.”

State CIOs are also looking to continue their collaboration with the FirstNet Authority, responsible for building a nationwide public safety network for our first responders, and other federal partners, on building a nationwide public safety broadband communications network. “NASCIO hopes building a business plan with the states will be the number one priority for FirstNet in 2014,” said Mitch Herckis, director of Government Affairs for NASCIO. “It is the missing keystone and necessary next step towards the roll out of our nation’s largest infrastructure project since the Interstate System.”

NASCIO also hopes to highlight the need to build information sharing procedures and policies at all levels. Projects such as implementation of the voluntary cybersecurity framework and FirstNet will require a major effort to create consensus on how and when information is shared between government entities and private sector partners. Congress, the administration, state governments, and private sector partners will all need to work in partnership to build common languages and solutions in this field.

NASCIO Endorses Data Privacy Day

LEXINGTON, Ky., Tuesday, January 14 — the National Association of State Chief Information Officers (NASCIO) is joining the growing effort among international organizations, corporations, educational institutions, government entities and municipalities across the globe to promote privacy awareness. Data Privacy Day, observed annually on January 28, is an international effort to empower and educate people to protect their privacy and control their digital footprint.

NASCIO supports Data Privacy Day as a Champion, recognizing the principle that organizations, businesses and government all share the responsibility to be conscientious stewards of data by respecting privacy, safeguarding data and enabling trust. Data Privacy Day encourages Internet users to consider the privacy implications of their online actions and motivate all companies to make the protection of privacy and data a greater priority.

“Security, including the protection of data, was voted the number one state CIO priority of 2014,” stated Craig Orgeron, NASCIO president and Mississippi chief information officer. “Essential to the role of state CIOs is implementing the necessary security protocols and measures that support privacy policies, protecting the personally identifiable information of citizens.”

Coordinated and led by the National Cyber Security Alliance (NCSA), Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. The day, January 28, commemorates the 1981 signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection. For more information about Data Privacy Day, the DPD Champions program, and how to participate in DPD activities, visit http://www.staysafeonline.org/data-privacy-day/

About Data Privacy Day
Led by the National Cyber Security Alliance, Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. The Day commemorates the 1981 signing of Convention 108 – the first legally binding international treaty dealing with privacy and data protection. Intel and Microsoft are Leading Sponsors of Data Privacy Day. ADP and AT&T are Contributing Sponsors and Small Business sponsors include Private Wi-Fi, Reputation.com and SpiderOak. 

Destination: Advancing Enterprise Portfolio Management – First Stop: Issues Management

LEXINGTON, Ky., Thursday, December 12 — the National Association of State Chief Information Officers (NASCIO) today released the first in a series of issue briefs on Enterprise Portfolio Management. The publication is now available at www.nascio.org/publications/.

State CIOs are managing a growing and diverse set of investments, services and collaborative arrangements. Enterprise portfolio management (EPM) is a discipline that provides the tools and best practices necessary for doing this proactively and successfully. EPM provides a view into the enterprise – not only projects, but also services, operations, programs and resources. EPM essentially turns enterprise architecture into action. EPM involves many portfolios. The first portfolio that drives the others is the portfolio of issues that identifies, scores and prioritizes the very issues we’re trying to solve through projects, programs, management initiatives and operations.

“We’re kicking off our series on portfolio management and IT investment management with a foundational piece on issues,” said Jack Doane, co-chair for the NASCIO Enterprise Architecture and Governance Committee and director for the Information Services Division in Alabama. “Everything we do starts with a business need, or an issue. It is at that beginning where we need to initiate a discipline for evaluating and prioritizing the demand side. That is the issues portfolio. We need to be deliberate in deciding what to tackle – what to tackle alone – and what to tackle in collaboration with another agency or jurisdiction.”

“The state CIO manages a number of portfolios,” said Carolyn Parnell, co-chair for the NASCIO Enterprise Architecture and Governance Committee and chief information officer for the State of Minnesota. “While there may be some inconsistencies in how these portfolios are managed today, our ability to build discipline and consistency across the board is growing. Enterprise portfolio management is maturing. And we’ll see that maturity reflected in both the demand side and supply side of project management. As we consider options for delivering successful projects we also have more viable options today including cross-jurisdictional collaboration. These are all elements of the enterprise-wide portfolio.”

NASCIO Releases State CIO and Legal Counsel: Joining Forces for Better Government

LEXINGTON, Ky., Tuesday, November 26 — the National Association of State Chief Information Officers (NASCIO) today released a guide on building a good state chief information officers (CIO)/legal counsel relationship.

On a daily basis, a number of situations may arise where a state chief information officer (CIO) and legal counsel need to work together. Procurement and contract negotiations, privacy, cybersecurity, personnel actions and litigation including e-discovery are just some of the issues for which having a good working relationship is mutually beneficial.

“In the fast paced and challenging world of state CIOs, it’s imperative they forge trusted relationships,” said Doug Robinson, NASCIO executive director. “The legal counsel can be a trusted ally to provide advice and address the inevitable bumps in the road.”

The NASCIO Legal Advisory Committee, with contributions from some veteran state CIOs and legal counsel came up with the checklist. This practical guide is intended for newbie and seasoned legal counsel and CIOs. For more information and to view the checklist, please visit https://www.nascio.org/publications/

State CIOs to Focus on Cybersecurity, Consolidation, Cloud in 2014 Annual NASCIO Survey Reveals Top 10 Strategies and Technologies for States

LEXINGTON, Ky., November 5, 2013 — Security, consolidation, cloud services and enterprise portfolio management top the list of critical state CIO priorities in 2014, according to state information technology leaders surveyed by the National Association of State Chief Information Officers (NASCIO). The prioritized rankings of strategies and technologies reflect voting by state CIOs and are available for download from NASCIO at www.nascio.org/publications/

This year, NASCIO’s annual top 10 ranking shows IT security strategies and tools are at the forefront of discussion around the states, with ‘Security’ topping the list of Priority Strategies, Management Processes and Solutions and ‘Security Enhancement Tools,’ such as continuous diagnostic monitoring, coming in second among Priority Technologies, Applications, and Tools. Following closely behind were efforts at consolidation and a continued transition to cloud services.

Project and Portfolio Management enters the top 10 for the first time in the history of NASCIO’s rankings and assumes position 4. Security, always a member of the top 10, moves to position 1.

“It is significant that security has now risen to the number one priority on our top 10 list,” said NASCIO President and Mississippi Chief Information Officer Craig Orgeron. “As I presented in congressional testimony before the Committee on Homeland Security last week, cyber-attacks against state governments are growing in number and becoming increasingly sophisticated. Security has to be the top priority for all sectors. Clearly from our top 10 voting results, the state CIOs agree on this.”

The 2014 priorities align with the results of the Annual State CIO Survey conducted by NASCIO in partnership with TechAmerica and Grant Thornton. “The results of our top 10 voting correlate very closely with the results of our more in depth 2013 State CIO survey and report,” said Doug Robinson, NASCIO’s executive director. “We’ll clearly see more discipline and investment in managing portfolios at the enterprise level – pursuing the right projects with the right governance and oversight. In the coming months, our Enterprise Architecture & Governance Committee will be publishing in this area and hosting webinars to inform states on opportunities and best practices.”

NASCIO utilizes the annual list of priorities to develop strategic areas of focus for the coming year, formulate new committees and working groups, and plan NASCIO conference sessions and publications.

NASCIO President Testifies Before Congress on State Cybersecurity Readiness

LEXINGTON, Ky., Wednesday, October 30 — On Wednesday, Craig Orgeron, President of the National Association Of State Chief Information Officers (NASCIO) and State of Mississippi’s Secretary of the Office of Information Technology Services, testified before the U.S. House of Representatives on the readiness of state IT systems.

Before a joint hearing of the Committee on Homeland Security’s Subcommittee on Emergency Preparedness, Response, and Communications and Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies of the Homeland Security Committee, Orgeron explained that, “the state of Mississippi’s IT systems, like systems from all states, face cyber-attacks ranging from a few thousand stamps to as many as 10 million per day–some domestic, many international. To win this ongoing battle, state IT experts need to be right every time, while hackers need to be right only once. As these attacks continue to grow more sophisticated, both public and private sector entities will need to develop better tools and increase collaboration to both deter attacks and plan a coordinated response to contain the damage from successful attacks. “

Orgeron emphasized ongoing efforts to build better governance models and frameworks for securing state systems. In addition, Orgeron stressed the need for maturing the processes for collaboration between state and federal entities, along with the private sector.

To read the full testimony of President Orgeron, click here.

To see a video of the full hearing, click here.

NASCIO Announces New Executive Leadership

LEXINGTON, Ky., Monday, October 28 — Top state information technology leaders have been selected to serve as new program year Executive Committee for the National Association of State Chief Information Officers (NASCIO). The association is now led by Craig Orgeron, Mississippi chief information officer and executive director, and NASCIO president for the 2013-14 program year. Orgeron succeeds Nebraska chief information officer, Brenda Decker.

NASCIO’s 2013-14 Executive Committee leaders are:

Executive Committee Officers:
President – Craig Orgeron, Chief Information Officer and Executive Director, Mississippi
Vice President – Stu Davis, State Chief Information Officer and Assistant Director, Ohio
Secretary/Treasurer – David Gustafson, Chief Information Officer, Nevada
Past President – Brenda Decker, Chief Information Officer, Nebraska

Executive Committee Directors:
Claire Bailey, Director and Chief Technology Officer, Arkansas
Carlos Ramos, State Chief Information Officer, California
Karen Robinson, Chief Information Officer, Texas
Jim Sills, Secretary and Chief Information Officer, Delaware
Darryl Ackley, Secretary and Chief Information Officer, New Mexico
John Letchford, Chief Information Officer and Assistant Secretary for IT, Massachusetts
Calvin Rhodes, Executive Director and State Chief Information Officer, Georgia

NASCIO to Partner with Georgia Tech Research Institute on NIEF QuickStart Program

LEXINGTON, KY, Tuesday, October 22, 2013 — Building on the adoption of the National Identity Exchange Federation (NIEF), the National Association of State Chief Information Officers (NASCIO) has partnered with the Georgia Tech Research Institute (GTRI) to pilot the NIEF QuickStart Program in multiple states to promote data exchange among law enforcement, public safety, and emergency management agencies.

The goal of the pilot is to provide a standard, commoditized capability of trusted identity and attribute sharing. NIEF member agencies can leverage this capability to achieve wide-scale identity reuse, single sign-on (SSO) to resources, and policy compliant control of access to the broadest set of public safety-related information resources at all levels of government. This approach promises to deliver a marked improvement in the efficiency and automation of policy-based access control decisions on information resources. The goals of the pilot are to strategically jump-start key states’ information exchange capabilities, improve awareness of NIEF’s strategic vision, and drive an increased value proposition for all NIEF participants.

“States have struggled to develop identity trust frameworks, but the NIEF QuickStart Program will demonstrate the value proposition of a common framework,” stated NASCIO Executive Director, Doug Robinson. “The value of any federation or information sharing environment increases with the number of participants, and the pilot participants will be seeds that drive wide adoption.”

GTRI will assist selected participants by facilitating and shepherding them through NIEF’s formal on-boarding process. It is expected that the selected on-boarding projects will be completed in approximately twelve (12) months.

“Over time, the NIEF QuickStart Program will create a way for state, local, tribal, and territorial governments to create an affordable, fast and repeatable process for on-boarding into a common trusted environment for identity and attribute exchange,” said John Wandelt, who is a GTRI Research Fellow and the Executive Director of NIEF. “Scalability is vital, and this pilot will demonstrate the practicality of rapid NIEF on-boarding for partners of any size.”

It is expected that the NIEF QuickStart Program will eventually grow to accommodate and facilitate on-boarding of agencies at all levels of government, but the pilot phase of the program is targeted primarily towards U.S. states and state-level agencies. NASCIO and GTRI seek to quickly engage with interested states and begin executing on the selection process. States interested in submitting a readiness assessment profile for the NIEF QuickStart Program can go to www.surveymonkey.com/s/R8Z7CBN and submit an assessment profile online. For more details on NIEF, please visit https://nief.gfipm.net/.

This effort is a partnership between the US Department of Homeland Security, Program Management Office for the Information Sharing Environment (PM-ISE) and the US Department of Justice, Bureau of Justice Assistance (BJA) and is led by the GTRI/NASCIO team. Funding for this effort is provided by the PM-ISE through BJA.

About GTRI
The Georgia Tech Research Institute (GTRI) is a highly regarded applied research and development organization that is part of the Georgia Institute of Technology, one of the world’s top-ranked research universities. With more than 1,700 scientists, engineers and other professionals, GTRI helps solve the most difficult problems facing government and industry across the nation and around the world. For more information on GTRI visit www.gtri.gatech.edu.

NASCIO Launches Inaugural CISO Scholarship Program

PHILADELPHIA, Pa. Wednesday, October 16 — The National Association of State Chief Information Officers (NASCIO), awarded the Thomas M. Jarrett State Chief Information Security Officer (CISO) Conference Scholarship to three deserving CISO’s during the 2013 Annual Conference in Philadelphia.

2013 is the year of inception for this program, which was created to pay homage to Thomas M. Jarrett, past president of NASCIO (2004 – 2005), for his passion for cybersecurity. The scholarship grants current CISO's the opportunity to attend the NASCIO Annual Conference.

Due to their dedication and leadership in cybersecurity, the following individuals were selected to receive the scholarship:

John Byers, Chief Information Security Officer, State of Kansas

Brian Engle, Director and Chief Information Security Officer, State of Texas

David Brown, Chief Information Security Officer, State of Ohio

NASCIO Recognizes Exceptional Contributions in State Government

PHILADELPHIA, Pa., Tuesday, October 15 — The National Association of State Chief Information Officers (NASCIO) honored Scott Gessler, Colorado Secretary of State and Selvi Stanislaus, Executive Officer, State of California, Franchise Tax Board, with the association’s State Technology Innovator award. The awards were presented during NASCIO’s 2013 Annual Conference in Philadelphia, Pa.

To encourage valid voter registration and reduce the potential for fraud and abuse of the system, Secretary of State Scott Gessler spearheaded a focused effort to make registering to vote more accessible and voter rolls more accurate in the state of Colorado. To make registering to vote easier and more accessible, Secretary Gessler and his office developed the first mobile-optimized voter registration site in the country. GoVoteColorado.com enabled Coloradans to register to vote through their mobile device for the 2012 election and avoid the inconvenient trip to the post office.

Stanislaus extraordinary efforts helped the nation’s most populous state close its tax gap and get on with the critical work of service delivery for all Californians. She leads the nation’s second largest tax department with over 5,300 permanent and 2,000 seasonal and intermittent employees nationwide. Under Stanislaus’ leadership, Franchise Tax Board (FTB) brings in roughly $55 billion annually—more than 65 percent of California’s annual General Fund revenue. Each year, FTB processes more than 17 million personal income tax returns and more than 1 million business entity tax returns.

Nominations were gathered from NASCIO members as well as non-members. NASCIO presents the State Technology Innovator Award on an annual basis to recognize state leaders who steadily promote innovation, excellence and good government. Nominees must be an employee of, elected official, appointed official or other appointee representing state government.