NASCIO Resources

Better Data Security Through Classification: A Game Plan for Smart Cybersecurity Investments

  • April 2017
  • Number of views: 140
Better Data Security Through Classification: A Game Plan for Smart Cybersecurity Investments
The brief, a joint project between NASCIO’s Cybersecurity Committee and Data Protection Working Group, explains why a risk based cybersecurity approach is the most beneficial to state government data. When states take a risk based approach they improve operational efficiency, assessments are more accurate, attack surfaces are reduced and decision making is improved. As the brief states, taking an enterprise mentality brings together previously silo-based security and IT tools and allows for ongoing and continuous data monitoring and assessing.

State Governments at Risk: Turning Strategy and Awareness into Progress (webinar)

  • December 2016
  • Number of views: 2490
State Governments at Risk: Turning Strategy and Awareness into Progress (webinar)
The 2016 Cybersecurity Survey; 'State Governments at Risk: Turning Strategy and Awareness into Progress', reports findings and analysis of a comprehensive survey of State Chief Information Security Officers (CISOs) conducted by NASCIO in partnership with Deloitte. The results of the 2016 Deloitte-NASCIO Cybersecurity Study highlights the fact that challenges still exist, but cybersecurity is becoming part of the fabric of government operations.

State CIO Top Ten Policy and Technology Priorities for 2017

  • November 2016
  • Number of views: 11068
State CIO Top Ten Policy and Technology Priorities for 2017
NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The CIOs top ten priorities are identified and used as input to NASCIO's programs, planning for conference sessions, and publications.

State Cybersecurity Resource Guide

  • October 2016
  • Number of views: 2919
State Cybersecurity Resource Guide

The National Association of State Chief Information Officers (NASCIO) supports National Cybersecurity
Awareness Month, now in its 13th year. State CIOs and the programs they administer have supported
cybersecurity awareness month from its inception, and states address IT security and privacy awareness,
education, and training on a year-round basis.

For the 2016 observance, NASCIO has updated its Resource Guide for State Cybersecurity Awareness, Education, and Training Initiatives. This guide includes:

  • Updated information on state awareness programs, initiatives and best-practice information;
  • Contact information for state chief information security officers (CISOs);
  • Hyperlinks to state security and security awareness pages; and
  • Information describing cybersecurity awareness, training, and education initiatives.

The Resource Guide is a working document that should prove a valuable resource for Cybersecurity Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.

2016 Deloitte-NASCIO Cybersecurity Study - State Governments at Risk: Turning Strategy and Awareness into Progress

  • September 2016
  • Number of views: 15641
2016 Deloitte-NASCIO Cybersecurity Study - State Governments at Risk: Turning Strategy and Awareness into Progress

This study reports findings and analysis of a comprehensive survey of State Chief Information Security Officers (CISOs) conducted by NASCIO in partnership with Deloitte. The results of the 2016 Deloitte-NASCIO Cybersecurity Study confirm the growing importance of cybersecurity for states.

NASCIO Staff Contact: Meredith Ward, Senior Policy Analyst (mward@NASCIO.org)

Value and Vulnerability: The Internet of Things in a Connected State Government

  • June 2016
  • Number of views: 10502
Value and Vulnerability: The Internet of Things in a Connected State Government
States are finding that the “Internet of Things” (IoT) can improve efficiency, reduce waste and connect citizens to state services in faster and more affordable ways. But with that value comes vulnerability. States must consider security, privacy, accessibility and standardization when crafting a roadmap for IoT. This policy brief describes ways that states are currently implementing IoT, possibilities for the coming years, and recommendations on avoiding difficulties along the way.

Advanced Cyber Analytics

  • April 2016
  • Number of views: 9683
Advanced Cyber Analytics
This report examines the subject of advanced cyber analytics.  It makes the case for states to invest in such capabilities and maintain ongoing maturity in advanced analytics.  All organizations, including state government must also develop and maintain response capabilities that continuously mature in sophistication in order to keep pace with an ever changing threat landscape. State government remains in a defensive position.  With the advent of multi-vector strategies by cyber criminals, state government now more than ever needs the ability to correlate disparate data sources generated from the myriad of security tools agencies have already invested in.  Examples of advanced analytics tools are provided.  The report includes a call to action list, a checklist, key questions, and recommendations.

Cyber Disruption Response Planning Guide

  • April 2016
  • Number of views: 12469
Cyber Disruption Response Planning Guide

State government must now view cyber attacks that are more than cyber incidents.  We must prepare for larger magnitude events.  These can be termed cyber disruptions, disasters or even catastrophes.  This publication includes the following:

  • A call to action for states to develop state cyber disruption response plans that include: a governance structure that clearly designates who is in charge in a given event or phase of an event; development of a risk profile for state assets; collaboration among the various agencies that have cyber responsibility; and a communication plan to ensure the right people have the right information as early as possible so they can response effectively.
  • A checklist for states to work with in developing progress toward a cyber disruption response operating discipline.
  • A cross functional process description that can be used as a starting point for states to develop their own unique cross functional process for orchestrated planning and response at various threat levels.

State CIO Top Ten Policy and Technology Priorities for 2016

  • November 2015
  • Number of views: 21484
State CIO Top Ten Policy and Technology Priorities for 2016
Each year NASCIO conducts a survey of the state CIOs to identify and prioritize the top policy and technology issues facing state government. The CIOs top ten priorities are identified and used as input to NASCIO's programs, planning for conference sessions, and publications.

2015 CISO Toolkit

  • October 2015
  • Number of views: 9715
2015 CISO Toolkit
Moving Forward: Leadership Toolkit for State CISOs includes state CISO critical leadership traits, how state CISOs and private sector CISOs differ and the tenure of state CISOs. This publication examines survey responses, gives “advice from the trenches” and details other critical success factors for state CISOs.
RSS
123456

Resources By Category

Resources By Date