CIOs at federal departments and agencies may have their hands full as they grapple with a bevy of mandates and government-wide initiatives to modernize their IT deployments, but state CIOs are carrying a heavy load, as well.
The National Association of State CIOs (NASCIO) recently surveyed its members to identify their goals for the coming year and their priorities for purchasing services and applications.
As a group, they have an ambitious agenda.
Priority 1: Cybersecurity
State CIOs name cybersecurity as their top priority for 2015, setting their sights on areas like risk assessment, governance and the appropriate levels of funding to shore up digital government systems. Additionally, CIOs say that they are aiming to guard against insider threats and tighten up their monitoring of the third parties that are handling more and more vital processes at a time of increased outsourcing.
It's a concern that NASCIO is working to address on an institutional level. On Wednesday, the organization announced that it received a $100,000 grant from the Department of Justice to develop and promote repeatable practices for responding to a cyber incident and deploying cyber analytics across state governments.
"Cybersecurity remains a top priority for state CIOs and CISOs as well as governors," Ohio CIO and NASCIO President Stu Davis said in a statement.
NASCIO's recent survey echoes the findings of an earlier study the group conducted in partnership with the consultancy Deloitte, in which state CISOs noted that the troves of citizen data housed in their systems make them attractive targets for hackers.
That study also highlighted challenges that state IT officials face in funding their security operations, running the gamut from winning the support of executive leadership to the same hard budget constraints that, though mildly improving, nonetheless affect most government activities.
"The improving economy and states' growing commitment to cybersecurity have led to an increase -- albeit small -- in budgets," the report notes. "Nevertheless, budgets are still not sufficient to fully implement effective cybersecurity programs -- it continues to be the top barrier for CISOs."
The Deloitte study also found that most state governments are operating without a set plan for responding to a cyber attack and conducting the digital forensics needed to identify the source of the breach. With the DoJ grant, NASCIO hopes to advance more formal processes across state governments.
"Our goal is to bring all the states up to some level of parity related to these capabilities as well as cyber threat analytics," says NASCIO Executive Director Doug Robinson.
Priority 2: Adopting Cloud Services
State CIOs named the adoption of cloud services their second priority for 2015, with survey respondents identifying strategy, provider selection and governance models, among others, as key areas of focus. Unsurprisingly, CIOs said that security is also a top concern as they consider moving services and applications to the cloud.
Sign up for CIO Asia eNewsletters.