Better Data Security Through Classification: A Game Plan for Smart Cybersecurity Investments

/in , , , /by

The brief, a joint project between NASCIO’s Cybersecurity Committee and Data Protection Working Group, explains why a risk based cybersecurity approach is the most beneficial to state government data. When states take a risk based approach they improve operational efficiency, assessments are more accurate, attack surfaces are reduced and decision making is improved. As the brief states, taking an enterprise mentality brings together previously silo-based security and IT tools and allows for ongoing and continuous data monitoring and assessing.

Download

 

Managing Change: How the Indiana County/State Data Sharing Initiative Mapped Its Way to Success

/in , , , , , /by

All 92 Indiana counties have voluntarily provided key geospatial data with the Indiana Geographic Information Office. One hundred percent cooperation was not easy and it took several years to accomplish. This presentation focuses on the drivers that encouraged the effort and the resistors that hampered success and how managing both sides of the change equation worked in Indiana.

 

Watch the Recording

Data Strategy: Essential for State Governments

/in , , , , , , , , , , , /by

All state governments need a guided approach to managing their data and information to obtain the maximum value for success in a challenging environment.  An Enterprise Data/Information Management (EDM/EIM) initiative provides the framework for a state to deliver real information knowledge and provide true value to their citizens.  This session provides the framework of the domain known as enterprise data / information management, explains its essential components, gives the reasons that state governments should create a sustained data management program, and demonstrates some benefits that successful state EDM/EIM programs have achieved.

Watch the Recording

 

State Governments at Risk: Turning Strategy and Awareness into Progress

/in , /by

The 2016 Cybersecurity Survey; ‘State Governments at Risk: Turning Strategy and Awareness into Progress’, reports findings and analysis of a comprehensive survey of State Chief Information Security Officers (CISOs) conducted by NASCIO in partnership with Deloitte. The results of the 2016 Deloitte-NASCIO Cybersecurity Study highlights the fact that challenges still exist, but cybersecurity is becoming part of the fabric of government operations.

 

Watch the Recording

 

State CIO Top Ten Policy and Technology Priorities for 2017

/in , , , , , , , , /by

NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The CIOs top ten priorities are identified and used as input to NASCIO’s programs, planning for conference sessions, and publications.

 

Download

 

 

State Cybersecurity Resource Guide

/in /by

The National Association of State Chief Information Officers (NASCIO) supports National Cybersecurity
Awareness Month, now in its 13th year. State CIOs and the programs they administer have supported
cybersecurity awareness month from its inception, and states address IT security and privacy awareness,
education, and training on a year-round basis.

For the 2016 observance, NASCIO has updated its Resource Guide for State Cybersecurity Awareness, Education, and Training Initiatives. This guide includes:

  • Updated information on state awareness programs, initiatives and best-practice information;
  • Contact information for state chief information security officers (CISOs);
  • Hyperlinks to state security and security awareness pages; and
  • Information describing cybersecurity awareness, training, and education initiatives.

The Resource Guide is a working document that should prove a valuable resource for Cybersecurity Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.

 

Download

Top Ten Talks: Security and Risk Management

/in , /by

Top Ten Talks session at the NASCIO 2016 Annual Conference in Orlando, FL.

Speaker has just 5 minutes to deliver a focused talk on one of the CIO Top Ten Priorities.

 

Watch the Video

The 2016 State CIO Survey: The Adaptable State CIO

/in , , , , , , , , , , , , , /by

NASCIO, Grant Thornton LLP and CompTIA have collaborated for a seventh consecutive year to survey state government IT leaders on current issues, trends and perspectives. New service delivery models, innovative technology solutions, and rising customer expectations all require state CIOs to adapt continually to changing circumstances. We asked state CIOs to share their perspective on a number of topics, with a particular focus on the continued evolution of the CIO as a broker of shared services, on the IT workforce challenges facing CIOs, and on the use of data management and analytics at an enterprise level. These topics all involve CIOs looking into the future and adapting their strategies and plans to address a state IT and business environment that is becoming ever more complex. Cybersecurity, cloud solutions, mobility, procurement, cross-jurisdictional collaboration and privacy represent other high priority topics covered in the survey.

 

 

 

Download

2016 Deloitte-NASCIO Cybersecurity Study – State Governments at Risk: Turning Strategy and Awareness into Progress

/in /by

This study reports findings and analysis of a comprehensive survey of State Chief Information Security Officers (CISOs) conducted by NASCIO in partnership with Deloitte. The results of the 2016 Deloitte-NASCIO Cybersecurity Study highlights the fact that challenges still exist, but cybersecurity is becoming part of the fabric of government operations.

The following key themes emerged from our analysis:

  • Governor-level awareness is on the rise. The survey results indicate that governors and other state officials are receiving more frequent updates from CIOs/CISOs. Despite an increase of reporting, a confidence gap still exists between IT and the business, emphasizing the need for better communication of cyber risks.
  • Cybersecurity is becoming part of the fabric of government operations. The state government CISO role has become more consistent in terms of functions and responsibilities. Top three cybersecurity initiatives in 2016 include training and awareness, monitoring/security operations centers (SOC), and strategy.
  • A formal strategy and better communications lead to greater command of resources. States taking a proactive approach to strategy setting and communication are more likely to see improvements in funding and access to talent. Survey shows 16 out of 33 states with an approved strategy reported they had an increase in budget.
  • There is a need to rethink talent strategies. The nature of what states have to offer workers has changed. States are pointing to job stability and the opportunity to “give back and make an impact” as compelling reasons to gravitate towards state employment. These—along with a rich training and development program – are becoming the basis for a campaign to recruit millennial talent.

 

Download

Value and Vulnerability: The Internet of Things in a Connected State Government

/in , , , , , , /by

States are finding that the “Internet of Things” (IoT) can improve efficiency, reduce waste and connect citizens to state services in faster and more affordable ways. But with that value comes vulnerability. States must consider security, privacy, accessibility and standardization when crafting a roadmap for IoT. This policy brief describes ways that states are currently implementing IoT, possibilities for the coming years, and recommendations on avoiding difficulties along the way.

 

Download