Desperately Seeking Security Frameworks – A Roadmap for State CIOs
State CIOs, chief security officers, and the IT security professionals who work with them face a challenging and sometimes confusing array of security frameworks – these may be pushed down by Federal agencies, issued by national or international standards bodies, promoted by industry as best practice, or in some instances, be written into law or federal regulation. Desperately Seeking Security Frameworks provides an overview of the primary security standards, regulations, and laws that impact state IT security programs, highlights how states have used the frameworks to shape their security architectures, policies, standards, and controls, and identifies the key issues for CIOs as they establish and maintain IT security programs.