2016 Deloitte-NASCIO Cybersecurity Study – State Governments at Risk: Turning Strategy and Awareness into Progress

/in /by

This study reports findings and analysis of a comprehensive survey of State Chief Information Security Officers (CISOs) conducted by NASCIO in partnership with Deloitte. The results of the 2016 Deloitte-NASCIO Cybersecurity Study highlights the fact that challenges still exist, but cybersecurity is becoming part of the fabric of government operations.

The following key themes emerged from our analysis:

  • Governor-level awareness is on the rise. The survey results indicate that governors and other state officials are receiving more frequent updates from CIOs/CISOs. Despite an increase of reporting, a confidence gap still exists between IT and the business, emphasizing the need for better communication of cyber risks.
  • Cybersecurity is becoming part of the fabric of government operations. The state government CISO role has become more consistent in terms of functions and responsibilities. Top three cybersecurity initiatives in 2016 include training and awareness, monitoring/security operations centers (SOC), and strategy.
  • A formal strategy and better communications lead to greater command of resources. States taking a proactive approach to strategy setting and communication are more likely to see improvements in funding and access to talent. Survey shows 16 out of 33 states with an approved strategy reported they had an increase in budget.
  • There is a need to rethink talent strategies. The nature of what states have to offer workers has changed. States are pointing to job stability and the opportunity to “give back and make an impact” as compelling reasons to gravitate towards state employment. These—along with a rich training and development program – are becoming the basis for a campaign to recruit millennial talent.

 

Download

State CIO Top Ten Policy and Technology Priorities for 2016

/in , , , , , , , , , /by

Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The CIOs top ten priorities are identified and used as input to NASCIO’s programs, planning for conference sessions, and publications.

Download

 

The 2015 State CIO Survey: The Value Equation

/in , , , , , , , , , , /by

NASCIO, Grant Thornton LLP and CompTIA have collaborated for a sixth consecutive year to survey state government IT leaders on current issues, trends and perspectives. The survey sponsors seek to provide these state government IT leaders with an opportunity to voice their thoughts and opinions on matters of high importance. Governors, legislatures and business leaders can benefit from these knowledgeable insights about essential state IT services. As highlighted in the survey results, the state IT and business landscape continues to change, reflecting both emerging approaches to delivering IT products and services, and also the faster paced, more complex environment faced by state CIOs. We asked state CIOs to share their perspective on a number of topics, with a particular focus on the emerging role of the CIO as a broker of shared services, and on the use of incremental software development approaches to accelerate the delivery of value to customers. These topics share a common theme – customer expectations continue to rise, and state CIOs must be agile enough to adapt to changing circumstances and to rapidly deliver business value. State CIOs also shared their thoughts on the leadership attributes they perceive as most valuable for a state CIO, and which dimensions of the role were most critical for success. Cybersecurity , cloud services, mobility, broadband and IT procurement represent other high priority topics covered in the survey report.

 

Download

 

Interactive e-version

 

Downloadable Survey Charts

Is State IT Working on the Right Things?

/in , , , , , , , , , , , /by

What does it mean to be working on the right things? This determination is often difficult when considering the state as both an enterprise and a collective of individual agencies. Through interviews and formal surveys, NASCIO and Infosys Public Services gained insight from state IT leaders on the fundamental processes, mechanisms and criteria necessary to ensure that state IT is working on the right things. The resulting report will help state IT decision makers understand the key factors needed to identify the right things to do, see how they and their peer states stand against these factors and what can be done to bridge the gap.

Download

State IT Workforce: Facing Reality with Innovation

/in , , /by

The predicted shortage in the state information technology (IT) workforce has been discussed and debated for over a decade and states have been confronted with numerous challenges when it comes to identifying gaps in a changing IT workforce. A major concern for state CIOs continues to be the significant number of state IT employees who are eligible for retirement or have been eligible, but have postponed retirement due to the economic downturn. In spite of this, there is evidence that the economy is recovering and some states are experiencing record numbers of retirement. This report outlines the current data on the state IT workforce and focuses on innovation, best practices and recommendations.

Download

State CIO Top Ten Policy and Technology Priorities for 2015

/in , , , , , , , , , /by

Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The CIOs top ten priorities are identified and used as input to NASCIO’s programs, planning for conference sessions, and publications.

Download

Priority Strategies, Management Processes and Solutions

Top 10 Final Ranking

  1. Security: risk assessment, governance, budget and resource requirements, security frameworks, data protection, training and awareness, insider threats, third party security practices as outsourcing increases, determining what constitutes “due care” or “reasonable”
  2. Cloud Services: cloud strategy, proper selection of service and deployment models, scalable and elastic IT-enabled capabilities provided “as a service” using internet technologies, governance, service management, service catalogs, platform, infrastructure, security, privacy, data ownership
  3. Consolidation/Optimization: centralizing, consolidating services, operations, resources, infrastructure, data centers, communications and marketing “enterprise” thinking, identifying and dealing with barriers
  4. Broadband/Wireless Connectivity: strengthening statewide connectivity; implementing broadband technology opportunities
  5. Budget and Cost Control: managing budget reduction; strategies for savings; reducing or avoiding costs; dealing with inadequate funding and budget constraints
  6. Human Resources/Talent Management: human capital/IT workforce; workforce reduction; attracting, developing and retaining IT personnel; retirement wave planning; succession planning; support/training, portal for workforce data and trends
  7. Strategic IT Planning: vision and roadmap for IT, recognition by administration that IT is a strategic capability, integrating and influencing strategic planning and visioning with consideration of future IT innovations, aligning with Governor’s policy agenda
  8. Mobile Services/Mobility/Enterprise Mobility Management: devices, applications, workforce, security, policy issues, support, ownership, communications, wireless infrastructure, BYOD
  9. Disaster Recovery/Business Continuity: improving disaster recovery, business continuity planning and readiness, pandemic/epidemic and IT impact, testing
  10. Customer Relationship Management: building customer agency confidence and collaboration, internal customer service strategies, service level agreements (demand planning)

2014 Deloitte-NASCIO Cybersecurity Study – State Governments at Risk: Time to Move Forward

/in , /by

This study reports findings and analysis of a comprehensive survey of State Chief Information Security Officers (CISOs) conducted by NASCIO in partnership with Deloitte. The results of the 2014 Deloitte-NASCIO Cybersecurity Study confirm the growing importance of cybersecurity for states. The following key themes emerged from our analysis:

Maturing role of the CISO: State CISO role continues to gain legitimacy in authority and reporting relationships. The responsibilities of the position are becoming more consistent across states, yet expanding.

Continuing budget-strategy disconnect: The improving economy and states’ growing commitment to cybersecurity have led to an increase – albeit small, in budgets. CISOs have also been successful at tapping supplemental resources, whether from other state agencies, federal funding, or various agency and business leaders. Nevertheless, budgets are still not sufficient to fully implement effective cybersecurity programs – it continues to be the top barrier for CISOs according to the survey results.

Cyber complexity challenge: State information systems house a wide range of sensitive citizen data, making them especially attractive targets for cyber-attacks. CISOs are concerned about the intensity, volume and complexity of cyber threats that run the gamut from malicious code to zero-day attacks.

Talent crisis: The skill sets needed for effective cybersecurity protection and monitoring are in heavy demand across all sectors. State CISOs are struggling to recruit and retain people with the right skills, and they will need to establish career growth paths and find creative ways to build their cybersecurity teams.

Download

Media:

Webinars:

The 2014 State CIO Survey: Charting the Course

/in , , , , , , , /by

NASCIO, TechAmerica, and Grant Thornton LLP have collaborated for a fifth consecutive year to survey state government IT leaders on current issues, trends and perspectives. The continuing economic situation creates problems for states when citizen demands for services continue or grow. The survey sponsors seek to provide these state government IT leaders with an opportunity to voice their thoughts and opinions on matters of high importance. Governors, legislatures and business leaders can benefit from these knowledgeable insights about essential state IT services. As major changes continue to sweep through the state IT landscape, we asked state CIOs to share their perspective on the status and future direction of the state CIO organization and the overall enterprise. While the survey covered a wide variety of topics, we asked CIOs to focus particularly on three main topics – the planning and oversight of critical projects, sourcing and the use of data as a strategic asset. These topics share a common theme in that they all require the CIO to establish priorities, collaborate with stakeholders and integrate with multiple external organizations.

Download

Presentations:

Media:

State CIO Top Ten Policy and Technology Priorities for 2014

/in , , , , , , , , , /by

Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The top ten priorities are identified and used as input to NASCIO’s programs, planning for conference sessions, and publications.

Download