Ponemon Institute’s 2018 Cost of a Data Breach Study (webinar)

This webinar covered the findings of the 2018 Cost of a Data Breach study and how states are preparing for and responding to data breaches.

 

Watch the Recording 

Better Data Security Through Classification: A Game Plan for Smart Cybersecurity Investments

The brief, a joint project between NASCIO’s Cybersecurity Committee and Data Protection Working Group, explains why a risk based cybersecurity approach is the most beneficial to state government data. When states take a risk based approach they improve operational efficiency, assessments are more accurate, attack surfaces are reduced and decision making is improved. As the brief states, taking an enterprise mentality brings together previously silo-based security and IT tools and allows for ongoing and continuous data monitoring and assessing.

Download

 

State of Washington: Privacy Modeling Demo

Government is using more data than ever in rendering services to citizens, yet government has few tools to enforce privacy rules or considerations and can’t simply hire enough to meet the demand for expertise. After consulting with academic and legal experts form the privacy community in Seattle, the state’s Chief Privacy Officer, Alex Alben, retained a software firm to create a web application which  returns relevant search requests based on the intended use of personal information in a product or service.

Watch the Recording

The 2016 State CIO Survey: The Adaptable State CIO

NASCIO, Grant Thornton LLP and CompTIA have collaborated for a seventh consecutive year to survey state government IT leaders on current issues, trends and perspectives. New service delivery models, innovative technology solutions, and rising customer expectations all require state CIOs to adapt continually to changing circumstances. We asked state CIOs to share their perspective on a number of topics, with a particular focus on the continued evolution of the CIO as a broker of shared services, on the IT workforce challenges facing CIOs, and on the use of data management and analytics at an enterprise level. These topics all involve CIOs looking into the future and adapting their strategies and plans to address a state IT and business environment that is becoming ever more complex. Cybersecurity, cloud solutions, mobility, procurement, cross-jurisdictional collaboration and privacy represent other high priority topics covered in the survey.

 

 

 

Download

Value and Vulnerability: The Internet of Things in a Connected State Government

States are finding that the “Internet of Things” (IoT) can improve efficiency, reduce waste and connect citizens to state services in faster and more affordable ways. But with that value comes vulnerability. States must consider security, privacy, accessibility and standardization when crafting a roadmap for IoT. This policy brief describes ways that states are currently implementing IoT, possibilities for the coming years, and recommendations on avoiding difficulties along the way.

 

Download

Unmanned Aerial Systems, Governance and State CIOs: On the Radar

State governments are turning to unmanned aerial systems (UAS) for a variety of applications. This brief lays out important public policy issues when it comes to state CIO governance of UAS.

Download

Capitals in the Clouds Part III – Recommendations for Mitigating Risks: Jurisdictional, Contracting and Service Levels

Cloud computing will continue to be an invaluable resource for state and local governments in their efforts to rationalize and optimize computing resources. Cloud computing should be seen as an IT innovation that can support rationalization and optimization of business services as well as IT services. Due diligence prescribes the necessity of exploring and evaluating jurisdictional issues in order to ensure long term sustainability and growing adoption of collaborative government operations in state and local government.

Download

Capitals in the Clouds – The Case for Cloud Computing in State Government Part II: Challenges and Opportunities to Get Your Data Right

Cloud computing brings with it opportunities, issues and risks. One major consideration that must be addressed is the management of data – governance, stewardship, consistency, ownership and security. Data is the lifeblood of state government operations and critical for service delivery. With the fiscal stress and operational pressures that are driving state and local governments toward serious consideration and adoption of cloud computing, the data must not be ignored. These pressures must be managed intelligently to avoid pushing government into a future situation that could constitute greater cost, and more difficulty in achieving interoperability of government lines of business and government jurisdictions.

 

Download

Capitals in the Clouds – The Case for Cloud Computing in State Government Part I: Definitions and Principles

Cloud computing has arrived as a serious alternative for state government. There are outstanding issues that must be faced and dealt with in order to maintain the reliability, responsibility, security, privacy, and citizen-confidence in government services. Government is exploring technology and business process innovations that will make the way for government to deliver existing services more economically. Cloud computing provides a number capabilities that have the potential for enabling such innovation.

 

Download

Resource Guide for State Cyber Security Awareness, Education, and Training Initiatives

For the observance of the sixth annual National Cyber Security Awareness Month, NASCIO has created a Resource Guide of examples of state awareness programs and initiatives. The compendium augments previously gathered information with data from a just-completed, short survey of state CISOs. It includes links to state security awareness pages, contact information for state CISOs, and information describing cyber security awareness, training, and education initiatives that target four categories: Executives/Elected Officials; Citizens; State Workers; and IT Security Personnel.

The Resource Guide is a work-in-progress that should provide a valuable reference resource for Cyber Security Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.

 

Download