May 2017
NEWS TO USE
  • Nominations are being accepted for the State Technology Innovator Award through June 8 - Review guidelines and submit here
  • Miss the Midyear conference or interested in sessions slides? Presentation slides and videos are posted
  • #StateCIOsRock: Check out how Tennessee CIO Mark Bengel is making a difference for his state
  • The Council of State Archivist (COSA) presents "The Governance of Long-Term Digital Information" webinar Tuesday, May 23 at 2 pm EST - Register Now
  • Check out the latest Corporate Member Perspectives Blog
  • Meet Our Newest Corporate Member
  • New CIO Transitions:
    • Bob Samson, Chief Information Officer, State of New York
    • John Quinn, Chief Information Officer & Secretary of Digital Services, State of Vermont
Data Classification Key to Wise Use of Cybersecurity Funding
Amy Glasscock, Senior Policy Analyst

When we leave our homes in the morning, we lock the door. Some items are put away in drawers while other items are protected further in a fire safe. We take the time to classify our belongings and assign different levels of protection to them based on their value to us. Data held by states should be no different.

As has been the case in the last several years, the number one priority for State CIOs on NASCIO's annual Top Ten list for 2017 was security and risk management. Included in that category is "budget and resource requirements, (and) data protection."

As cybersecurity threats increase and become more sophisticated, unfortunately state budgets to combat the threats are not keeping up. CIOs and other state employees entrusted with the security of our data must find the best use for the available funds.

This is where data classification becomes critical. NASCIO recently released Better Data Security Through Classification: A Game Plan for Smart Cybersecurity Investments. The brief, a joint project between NASCIO's Cybersecurity Committee and Data Protection Working Group, explains why a risk based cybersecurity approach is the most beneficial to state government data.

When states have an enterprise-level data classification policy in place, not only is data better organized and protected, but the state is able to prioritize funding where it is really needed. NASCIO encourages states that have yet to implement such a policy to consider doing so. The next part of this series will be guidelines for creating a data classification policy and will be released this summer.
NASCIO Issues Blockchains - Advancing Digital State Government

This brief will open the discussion about blockchains and the potential impact on state government.  We won't delve into the mechanics of blockchains, nor the potential for proliferation of new "e-currencies."  We want to open the door to the world of blockchains through a variety of conversations with leaders in state government and industry in order to begin discussions regarding where blockchain technology can serve the mission of state government.  Learn more.
Watch on Washington Top 5
  1. Cybersecurity executive order released. On May 11, President Trump signed "Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure." The EO requires the federal government to: use the NIST Framework, identify capabilities that agencies could employ to support cyber efforts by critical infrastructure entities at risk of attack, recruit more cyber experts, among other provisions. The EO also requires a report within 90 days by the American Technology Council outlining the legal, policy, and budget considerations relevant to consolidated network architectures and shared IT services. 
  2. Senate studies cyber threats. On May 10, the Senate Homeland Security and Governmental Affairs Committee invited witnesses from academia and industry to discuss cyber threats facing America. Witnesses testified about different types of actors: (nation) states, state-based proxies, and cyber criminals; different types of events such as disruption; and new methods of attack. Chairman Ron Johnson (R-Wis.) suggested that private sector expertise is key to formulating solutions for a national cybersecurity strategy. Ranking Member Claire McCaskill (D-Mo.) later told press she was disappointed that the hearing didn't include witnesses from the Administration. 
  3. Federal lawmakers working on DHS reorganization. House and Senate homeland security committees appear to be working with DHS and the Administration on a bill to reorganize the agency. House Homeland Security Committee Chairman Mike McCaul (R-Texas) reports that he is close to introducing a bill to that would create a new cybersecurity agency at DHS; Chairman McCaul has stated that DHS reorganization is one of his priorities for 2017. 
  4. Feds not ready to comply with DATA Act. House Oversight Committee Chairman Jason Chaffetz (R-Utah), ranking member Elijah Cummings (D-Md.) and other members of the committee sent a letter to treasury secretary Steve Mnuchin outlining several issues identified by GAO which could hinder agency implementation of the DATA Act which requires standardized reporting of spending data. Per the Act, federal agencies were to start reporting data in May 2017; spending data reported by federal agencies are viewable at USASpending.gov
  5. Just for fun: John Oliver v. the FCC. Comedian and HBO news commentator John Oliver urged "Last Week Tonight" viewers to file comments supporting net neutrality rules that FCC Chairman Ajit Pai aims to roll back. Oliver directed viewers to gofccyourself.com which redirects to the FCC's net neutrality comment site; the site crashed and initial reports indicated the problem was volume. The FCC is now claiming that it was the victim of a DDoS cyberattack.
GeorgiaGov Interative: Why We Care About We Accessibility

GeorgiaGov Interactive recognizes that you care about every customer needing your Agency's services. The themes are not only consistent with WCAG 2.0 (AA) standards but they exceed federal standards, winning us the National IT Award for Accessibility Initiative. All state agency websites hosted on GeorgiaGov's platform are now accessible for people with visual, hearing, motor, and cognitive disabilities.

The GTA-led initiative to ensure the accessibility of state websites to people with a range of disabilities has been honored with a first place award from the National Association of State Chief Information Officers (NASCIO).  Learn more .
GET TO KNOW NASCIO MEMBERS
DocuSign is the fastest, most secure way to make every decision and approval digital, so you can keep moving forward. DocuSign helps government and public sector organizations eliminate the hassles, costs, and lack of security in printing, faxing, scanning and overnighting documents to complete transactions. 



Laserfiche Enterprise Content Management transforms how organizations manage information, automate document-driven business processes and make timely, informed decisions. Using Laserfiche, organizations can innovate how documents and unstructured information are processed and analyzed to achieve business results. 



RiskSenseĀ®, Inc., is the pioneer and market leader in pro-active cyber risk management. The company enables enterprises and governments to reveal cyber risk, quickly orchestrate remediation, and monitor the results. This is done by unifying and contextualizing internal security intelligence, external threat data, and business criticality across a growing attack surface.