Perspectives on Privacy: A Survey and Snapshot of the Growing State Chief Privacy Officer Role

Compared to a private company or even any other level of government, the need to focus on privacy at the state level is significant. The amount of personal information citizens provide to their state outweighs anything a citizen provides to any one company. Because of this, we have seen number of states who have hired a chief privacy officer increase rapidly over the last several years. This NASCIO research provides a snapshot of the state chief privacy officer position, the background of CPOs, what they do in their roles, how the role is administratively structured and their advice for states interested in creating the position.

 

Download

The State CIO Operating Model: Bridging Trends and Action

In this third in our series related to NASCIO’s “The CIO Operating System:  Managing Change in a Sustainable Way,” we explore a maturity model that can help state CIOs develop their organization and explain their leadership role to a broad stakeholder audience.  This paper creates a connection between trends and action and supports NASCIO’s mission to represent state CIOs in the evolving state government market.  The maturity model provides a set of milestones for states to strive toward.  Each maturity level is described using key characteristics.  This not only provides states with a way for assessing their current state but also assists in creating the next set of goals as they move up the maturity curve.  A ratings table is presented that provides a more detailed set of dimensions that characterize the new operating model.  The paper culminates with a short assessment of some the key learnings from a survey of the states that was conducted in the third quarter of 2018.

Download

State CIO Top Ten Policy and Technology Priorities for 2019

NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The CIOs top ten priorities are identified and used as input to NASCIO’s programs, planning for conference sessions, and publications.

 

Download 

 

 

Cybersecurity Governance in the State of Michigan

In recognition of the importance of governance in addressing cyber risks, the U.S. Department of Homeland Security (DHS) partnered with the National Association of State Chief Information Officers (NASCIO) to develop a report and series of case studies exploring how states govern cybersecurity. The report and case studies explore how Georgia, Michigan, New Jersey, Virginia and Washington use cross-enterprise governance mechanisms (i.e., laws, policies, structures, and processes) across strategy and planning, budget and acquisition, risk identification and mitigation, incident response, information sharing, and workforce and education. The purpose of the report and case studies is to offer concepts and approaches to other states and organizations who face similar challenges. The report summarizes the case studies and identifies common trends in how cybersecurity governance is addressed across the five states, with supporting examples from each state.

 

Download

Cybersecurity Governance in the State of Georgia

In recognition of the importance of governance in addressing cyber risks, the U.S. Department of Homeland Security (DHS) partnered with the National Association of State Chief Information Officers (NASCIO) to develop a report and series of case studies exploring how states govern cybersecurity. The report and case studies explore how Georgia, Michigan, New Jersey, Virginia and Washington use cross-enterprise governance mechanisms (i.e., laws, policies, structures, and processes) across strategy and planning, budget and acquisition, risk identification and mitigation, incident response, information sharing, and workforce and education. The purpose of the report and case studies is to offer concepts and approaches to other states and organizations who face similar challenges. The report summarizes the case studies and identifies common trends in how cybersecurity governance is addressed across the five states, with supporting examples from each state.

 

Download

State Cybersecurity Governance Case Studies

In recognition of the importance of governance in addressing cyber risks, the U.S. Department of Homeland Security (DHS) partnered with the National Association of State Chief Information Officers (NASCIO) to develop a report and series of case studies exploring how states govern cybersecurity. The report and case studies explore how Georgia, Michigan, New Jersey, Virginia and Washington use cross-enterprise governance mechanisms (i.e., laws, policies, structures, and processes) across strategy and planning, budget and acquisition, risk identification and mitigation, incident response, information sharing, and workforce and education. The purpose of the report and case studies is to offer concepts and approaches to other states and organizations who face similar challenges. The report summarizes the case studies and identifies common trends in how cybersecurity governance is addressed across the five states, with supporting examples from each state.

 

Download

Cybersecurity Governance in the State of Washington

In recognition of the importance of governance in addressing cyber risks, the U.S. Department of Homeland Security (DHS) partnered with the National Association of State Chief Information Officers (NASCIO) to develop a report and series of case studies exploring how states govern cybersecurity. The report and case studies explore how Georgia, Michigan, New Jersey, Virginia and Washington use cross-enterprise governance mechanisms (i.e., laws, policies, structures, and processes) across strategy and planning, budget and acquisition, risk identification and mitigation, incident response, information sharing, and workforce and education. The purpose of the report and case studies is to offer concepts and approaches to other states and organizations who face similar challenges. The report summarizes the case studies and identifies common trends in how cybersecurity governance is addressed across the five states, with supporting examples from each state.

 

Download

Cybersecurity Governance in the Commonwealth of Virginia

In recognition of the importance of governance in addressing cyber risks, the U.S. Department of Homeland Security (DHS) partnered with the National Association of State Chief Information Officers (NASCIO) to develop a report and series of case studies exploring how states govern cybersecurity. The report and case studies explore how Georgia, Michigan, New Jersey, Virginia and Washington use cross-enterprise governance mechanisms (i.e., laws, policies, structures, and processes) across strategy and planning, budget and acquisition, risk identification and mitigation, incident response, information sharing, and workforce and education. The purpose of the report and case studies is to offer concepts and approaches to other states and organizations who face similar challenges. The report summarizes the case studies and identifies common trends in how cybersecurity governance is addressed across the five states, with supporting examples from each state.

 

Download

Cybersecurity Governance in the State of New Jersey

In recognition of the importance of governance in addressing cyber risks, the U.S. Department of Homeland Security (DHS) partnered with the National Association of State Chief Information Officers (NASCIO) to develop a report and series of case studies exploring how states govern cybersecurity. The report and case studies explore how Georgia, Michigan, New Jersey, Virginia and Washington use cross-enterprise governance mechanisms (i.e., laws, policies, structures, and processes) across strategy and planning, budget and acquisition, risk identification and mitigation, incident response, information sharing, and workforce and education. The purpose of the report and case studies is to offer concepts and approaches to other states and organizations who face similar challenges. The report summarizes the case studies and identifies common trends in how cybersecurity governance is addressed across the five states, with supporting examples from each state.
 

Download

The CIO Operating System: Managing Change in a Sustainable Way

This webinar presents the basics concepts of multisourcing and the “New State CIO Operating Model.” The presentation covers an overview of the NASCIO Multisourcing Initiative which began in January of 2018 in partnership with Integris Applied, Inc. The framework and the maturity model that are being employed as major references throughout the project are presented and explained.

The project workplan includes a survey to be completed by each state and territory, and will be distributed in September 2018. This webinar provides background on the new State CIO Operating Model for those completing the survey. Preliminary results from the survey will be presented at the NASCIO 2018 Annual Conference.

Click here for the full slide deck from the webinar.

Watch the Recording