NASCIO Cybersecurity Awareness Resource Guide

/in /by

For the 2013 observance of National Cyber Security Awareness Month, NASCIO has updated its Resource Guide for State Cybersecurity Awareness, Education, and Training Initiatives. The guide includes new information from our state members, who provided examples of state awareness programs and initiatives. This is an additional resource of best-practice information, together with an interactive state map to allow users to drilldown to the actual resources that states have developed or are using to promote cyber awareness. It includes contact information for the CISO, hyperlinks to state security and security awareness pages, and information describing cybersecurity awareness, training, and education initiatives.

The Resource Guide is a work-in-progress that should provide a valuable reference resource for Cyber Security Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.

Download

Effective Cross-Jurisdictional Collaboration – Governance is Critical!

/in , , , /by

Cross-jurisdictional collaboratives are on the rise. As the number of such collaboratives increases, there are essential ingredients for framing and sustaining successful and even exceptional collaborative arrangements that deliver real outcomes. As NASCIO reviewed successful collaboratives, proper governance continually surfaced as one of those essential ingredients for effective sharing of government information and services and effective employment of technology across two or more enterprises. This issue brief presents examples of effective governance and describes what constitutes effective governance.

Download

The Health IT Landscape: Through the Lens of the State CIO

/in , , /by

The Healthcare Information and Management Systems Society (HIMSS) and National Association of State Chief Information Officers (NASCIO) formed a collaboration to determine how the State Chief Information Officer (CIO) views the current health information technology landscape. Specific areas of focus for this study included Medicaid Management Information Systems (MMIS), Medicaid Eligibility Systems, Data Governance and Identity Management, State Level Health Information Exchanges, Shared Services and Collaborations. This study combined HIMSS’ expertise in health information technology and information exchange with NASCIO’s expertise representing state CIOs and information technology executives from the states, territories and the District of Columbia. The results of this collaborative survey will serve those seeking to understand the current environment of State healthcare technology initiatives ranging from governance models to data exchange activities. This analysis will also facilitate understanding of the intersection of the state CIO’s role with state health information technology (HIT) projects. This collaboration represents one of the first holistic analyses focused on the state CIO perspective of State HIT projects.

Download

Capitals in the Clouds Part V: Advice from the Trenches on Managing the Risk of Free File Sharing Cloud Services

/in , , /by

Cloud-based file sharing solutions have become very popular and certainly a growing and significant part of day-to-day computing. It is easy to see why these services are attractive to state government users after using them in many facets of their personal life. With a wide variety of choices in the market, these solutions are easy to access, configure and use. They support multiple devices (especially mobile), and data in multiple formats. The most important consideration for state employee users – these file sharing services are free. Since the release of the 2012 NASCIO and Deloitte Cybersecurity Study, more security and policy questions have been raised on the use of free cloud services by states. In addition to the May 2012 Capitals in the Clouds IV guidance on rogue cloud users, states have continued to seek out leading practices on how to put the proper controls in place, meet security standards, craft acceptable use policies, and identify the open records and legal concerns regarding terms of service. This brief helps to provide real experience from Commonwealth of Pennsylvania on free cloud services.

Download

Limitations on Liability Infographic

/in /by

NASCIO’s 2004 publication NASCIO on Unlimited Liability – Gaining Traction on the Road to “Win-Win” recommended changes to the state IT procurement policy regarding limitations on liability, and research from 2010 and 2012 show subtle changes have occurred in the states. This infographic indicates which states have limitations on liability in statute, which states have none, and which states are able to negotiate limitations on a case by case basis, and compares the current situation to previous NASCIO research.

Download

NASCIO Call-to-Action: The Necessity for Maturing Identity and Access Management in State Government

/in , /by

As state leaders act to streamline services, consolidate IT infrastructure and perform more efficiently, trusted digital identities and their authentication becomes a critical enabler with the digital ecosystem. All levels of government and the private sector, are confronted by this challenge and are working together to create common policy, guidelines, standards, and responsibilities to protect cyber assets and ensure appropriate mechanisms are in place for a coordinated identity ecosystem. This guidance presents the value proposition along with key factors for establishing an enterprise-wide approach to identity management.

 

Download

What Makes Collaborative Initiatives Work?

/in , , , /by

Collaboration is a major part of the solution to sustaining and thriving government organizations and services. But it has to be done correctly so it is effective, can sustain through the life of the initiative’s intent, and can adapt with changing environmental circumstances. No matter what service area, mode of delivery, management area, or technology, collaborative arrangements should be considered as an alternative that may deliver the most effective outcomes.

NASCIO is actively investigating existing collaboratives in order to promote collaborative arrangements across government and to uncover operating discipline and best practices that make for successful collaboratives. These best practices support strategy, governance, program and project management, organization, operations and effective application of technology.Collectively these best practices are imbedded in the enterprise architecture of successful collaboratives.

 

Download

NASCIO Cyber Security Awareness Resource Guide

/in /by

For the 2012 observance of National Cyber Security Awareness Month, NASCIO has updated its Resource Guide for State Cyber Security Awareness, Education, and Training Initiatives. The guide includes new information from our state members, who provided examples of state awareness programs and initiatives. This is an additional resource of best-practice information, together with an interactive state map to allow users to drilldown to the actual resources that states have developed or are using to promote cyber awareness. It includes contact information for the CISO, hyperlinks to state security and security awareness pages, and information describing cyber security awareness, training, and education initiatives.

The Resource Guide is a work-in-progress that should provide a valuable reference resource for Cyber Security Awareness Month, as well as the ongoing planning of security awareness and training efforts state programs may undertake thereafter.

 

Download