Blogs

Be the first person to like this.
Renault Ross, Chief Cybersecurity Business Strategist, Symantec Americas Strategic Programs Across the nation, state CIOs and CISOs find themselves caught in the middle of the best and worst of times, benefitting from the proliferation of mobile devices and IoT, while feverishly trying to fend off the inevitable flood of cyberattacks that pursue them. IT threats have increased in almost every category from cloud and email to election systems and supply chains, according to Symantec’s 2019 Internet Security Threat Report , which records events from 123 million attack sensors worldwide.  Among the findings from 2018: More than 70 million records were ...
0 comments
Be the first person to like this.
By Scott Buchholz, Chief Technology Officer, Deloitte Consulting LLP Since its release back in 2010, Deloitte’s annual Tech Trends report has detailed the rapid pace of technology innovation and the disruption that comes with it. Each year, we examine these trends from a government perspective to identify where their potential impacts lie.  Two trends that align with NASCIO’s 2019 Top Ten Policy and Tech Priorities as well as Tech Trends’ 2019 list are DevSecOps and the cyber imperative, and Artificial Intelligence (AI)- fueled organizations. Where is the synergy? Let’s explore where we see potential impact over the coming months and years. DevSecOps ...
0 comments
Be the first person to like this.
1. NGA Partners with Seven States and Territories on Cyber Strategy The National Governors Association (NGA) has selected seven states and territories in 2019 to enhance their statewide cybersecurity strategies. NGA announced last week that Arkansas, Guam, Louisiana, Maryland, Massachusetts, Ohio and Washington were chosen to partner with the Center for Best Practices to develop action plans on overall cybersecurity governance.  Read NGA press release > 2.  Bipartisan, Bicameral Legislation Introduced to Assess Threat of Deepfakes Last week, the Deepfakes Report Act of 2019 was introduced in the House of Representatives and the Senate, which ...
0 comments
Be the first person to like this.
By Jonathan Nguyen-Duy, Fortinet Security and risk management has emerged as the number one priority for state CIOs, according to the recently published State CIO Top Ten Policy and Technology Priorities . Like their private sector brethren, public CIOs grapple with an ever-changing threat landscape, greater complexity, and limited resources. With the dual pressure of rising breach rates and skills shortages, state CIOs must continually be on the lookout for new approaches to improve risk management while operating under tight budgetary guidelines. Along with security, the survey finds another top priority for CIOs is enterprise vision and strategy. ...
0 comments
1 person like s this.
By Yejin Jang, Forescout Technologies, Inc. State legislative sessions are underway and there is a noticeable increase in the number of filed bills that address cybersecurity. This isn’t entirely surprising because as of December 2018, the National Conference of State Legislatures reported that 23 states created statewide cybersecurity-focused committees or task forces, and it is logical that regulation or legislation would follow. Now, policy proposals are moving beyond protecting traditional networked devices like desktops/workstations, and there is increased attention on the security of non-traditional IoT devices. There is also movement to ban specific ...
0 comments
Be the first person to like this.
By Lane Hartman,  Content Marketing Manger, OpenGov Inc. NASCIO is a nonprofit that represents state chief information officers (CIOs) and information technology executives and managers. The organization focuses on helping governments excel with best practices, information management, and technology policy. In their annual survey, NASCIO asks State CIOs to outline their Top 10 priorities for the year. Overwhelmingly, State CIOs reported that they are focused on modernizing their technology in 2019. To do this, they are moving formerly on-premises software to cloud-based software. Software-as-a-solution (SaaS) applications are Cloud solutions that ...
0 comments
1 person like s this.
By Rick Tracy, CSO, Telos Corporation Imagine the pressure and responsibility that comes with protecting sensitive government and citizen data from malicious cyber threats. For any CISO working for a state government today, there is no need to imagine – it is the daily reality of the job. It is no surprise then that security and risk management stood at the top of NASCIO’s Top Ten Policy and Technology Priorities for 2019 .  In the not-so-distant past, it was hard to get people to think twice about cyber risk management – we’ve come a long way! One practice that has proven effective in managing cyber risk is adherence to the NIST Cybersecurity Framework ...
0 comments
Be the first person to like this.
By Jonathan Alboum,  Chief Technology Officer, Public Sector, Veritas Technologies Data Management and Analytics is #8 on NASCIO’s Top 10 State CIO Priorities for 2019. Considering that we create more data today than ever before, this isn’t surprising. Most state CIOs struggle to gain visibility and insight into their data, specifically unstructured data. This type of data — emails, documents and image files — expose organizations to increased risk, security vulnerabilities, and PII leaks. This problem is intensifying. Our data grows at a rate of 49% year-over-year and 80% is unstructured. Unfortunately, most of the data in our organizations is “dark ...
0 comments
Be the first person to like this.
By Brett Swartz, Director of Public Sector, Liferay It seems like every time I turn on the TV, I see an ad promising to save me time and money. Most of the time I’m skeptical, to say the least, but I understand the appeal. Who wouldn’t want to spend less and be more efficient at the same time? Despite public perceptions, that’s as true for public sector entities as it is for individuals. One way that governments are trying to do this is by rejuvenating their online presence to be more appealing and conducive to citizen self-service.   For example, the IRS issued a report finding that, during the fiscal year ending on September 30, 2014, live ...
0 comments
1 person like s this.
By Dan Lohrmann Why submit a NASCIO Award nomination? What tips can help your state receive an award? What are judges looking for? I am often asked these questions. Here are a few of my answers. As a former Michigan State Government CISO, CTO and CSO who has led many teams who submitted (and won) numerous awards in different categories from 2003-2014, I can tell you that submitting a top nomination is hard work. However, it was (and still is) always worth the effort and rewarding – even when we didn’t receive an award. In my experience, NASCIO Awards are about demonstrating excellence and benchmarking meaningful progress. We wanted to share ...
0 comments
Be the first person to like this.
By:  Tony Encinias, Vice President of Technology, ViON Corporation; former CIO, Commonwealth of Pennsylvania Public or private cloud is a question that’s being asked by most enterprise IT shops.  As they have found out, it isn’t a one or the other, all-or-nothing proposition.  As the CIO for the Commonwealth of Pennsylvania, my goal was to move into IT environments that could be consumed as a commodity.  With the introduction of public cloud services such as AWS and Azure everyone thought they had found the panacea for getting out of buying infrastructure.  However, with critical state government services highly reliant on legacy applications that were ...
0 comments
Be the first person to like this.
The NASCIO State IT Recognition Awards celebrated 30 years of honoring the best of state IT. Visit the  30th Anniversary  microsite to learn which projects are the 2018 finalists and recipients, which state has won the most awards overall, and more about the award process. Click the image on the below to see NASCIO 2018 Annual Conference By The Numbers .  Presentations from conference sessions are available on the agenda at  NASCIO.org/2018Annual
0 comments
Be the first person to like this.
DHS Cyber agency bill passes both chambers  In early October, the Senate passed  H.R. 3359  Cybersecurity and Infrastructure Security Agency Act of 2018 which codifies an agency of the same name within DHS to lead cyber and critical infrastructure programs. The House passed the measure in late 2017. Blockchain the "most over-hyped technology ever"  In a Senate Banking Committee  hearing , NYU professor Nouriel Roubini testified that cryptocurrencies were a scam and said blockchain technology was "nothing better than a glorified spreadsheet." The other hearing witness, Coin Center director of research Peter Van Valkenburgh, similarly focused ...
0 comments
Be the first person to like this.
Releasing on October 23 is the 5   th   biennial Deloitte-NASCIO Cyber Study, which has been referred to as the most "comprehensive study of state-level cybersecurity spending" (White House FY19 Budget Request). The study report highlights perspectives and insights surrounding cybersecurity from state chief information security officers (CISOs).   Here are some highlights from studies released thus far in 2010, 2012, 2014 and 2016:   The first time NASCIO documented the number of enterprise wide CISOs in states was in 2006 when 83% of states had a state CISO. 10 years later, as reported in the 2016 study, that number was 100%. ...
0 comments
Be the first person to like this.
Secure Elections Act delayed    Markup for the Secure Elections Act (S. 2593) was scheduled for August 22 but was postponed after several secretaries of state voiced concern with the bill, noting the lack of funding and the White House also commented on the stalled measure saying they would not support legislation with "inappropriate mandates" that moves power or funding from states to Washington.  State plans for election security spending released    The U.S. Election Assistance Commission (EAC) released information on how states are planning to spend the $380 million in HAVA grants awarded earlier this year. 36.3 percent of funds ...
0 comments
Be the first person to like this.
There's just something about the term "artificial intelligence" that sounds futuristic and far out. Maybe it's those sci-fi movies of years past, or the fear of being taken over by robots in the future. But if you look around at our daily lives, AI has just become a regular part of it. From Alexa, to Siri, to our doorbells and our thermostats, suddenly AI is everywhere. And it's happening fast. In 2017 when NASCIO asked state CIOs "What emerging IT area will be most impactful in the next 3-5 years?" only 29 percent chose AI / Machine Learning. In 2018 (soon to be released), 58 percent chose that same answer. The response doubled in just one year. During this ...
0 comments
Be the first person to like this.
The US Department of Homeland Security (DHS), and the National Association of State Chief Information Officers (NASCIO) have released a joint report and supporting case studies identifying how five states - Georgia, Michigan, New Jersey, Virginia, and Washington - use laws, policies, structures, and processes to help govern cybersecurity as an enterprise-wide, strategic issue across state government and other public and private sector stakeholders.  Every day, states and territories rely on networks and systems to ensure continuity of commerce and delivery of mission critical services. These systems are at risk of disruption from cyber attacks from adversaries ...
0 comments
Be the first person to like this.
NASCIO in the House  NASCIO President Bo Reese testified before the House Oversight, Intergovernmental Subcommittee on July 18 th  about the impact of federal regulations on state IT. Reese spoke about the federal regulatory impact to IT consolidation and cybersecurity. Click  here  to read the testimony. FirstNet undergoing audit  The U.S. Dept. of Commerce Inspector General notified FirstNet CEO Mike Poth on May 3 rd  that they would be  initiating an audit  of FirstNet's oversight role regarding the contract to develop the nationwide public safety broadband network. LA-RICS assets to AT&T  LTE ...
0 comments
Be the first person to like this.
NASCIO has embarked on a new initiative based on work started in the state of Texas and Georgia.  The work in these states has been ongoing for over twelve years.  The initiative in Georgia started about 2006 with the state CIO who was in place at that time, Patrick Moore.  Since then, much has been learned and practiced regarding organizing multiple service providers, multisource integration, and the development of a new operating model for the state CIO to employ in responding to the ever present forces of change. We introduced the notion of this new operating model in our publication State CIO as Broker: A New Model .  This new operating model is a prerequisite ...
0 comments
Be the first person to like this.
Cyberspace Solarium Commission  Both chambers of Congress have now passed the National Defense Authorization Act (H.R. 5515) which establishes a Cyberspace Solarium Commission. The Commission is charged with developing a "strategic approach to protecting the crucial advantages of the United States in cyberspace against the attempts of adversaries." The thirteen-member commission would be staffed by private sector and legislative and executive branch members who have expertise and experience with cybersecurity. Read more  here .  FCC Extends Mobility Fund Phase II Challenge Process  At the behest of several senators, the Federal Communications ...
0 comments