lock on a chip (shutterstock.com image)

Cyber commanding greater attention in states

Risk assessments and cybersecurity metrics are the two top initiatives for state chief information security officers, according to a survey by the National Association of Chief Information Officers.

Risk assessment has been an ongoing concern cited by CISOs in the biennial NASCIO surveys that were first conducted in 2010. This year, however, marks the first time metrics to measure and report effectiveness has been among top initiatives.

The 2018 report found 30 percent of CISOs are providing cybersecurity reports to governors on a monthly basis.

Missouri CISO Michael Roling said he’s witnessed increasing interest in cybersecurity issues from leadership. When he started as CISO, he reported to the governor on an ad hoc basis, but now, thanks to a formalized strategy, that’s changing, Roling said in an Aug. 21 webinar.

The latest survey also found an uptick in the number of states with chief privacy officers. In 2016, 18 percent of states reported having a CPO, but that’s up to 28 percent of states in 2018.

Deloitte Principal Srini Subramanian said the CPO role is still not well defined and that could be why there are still so few positions in state government.

Although Missouri doesn't have a CPO, Roling said he can see how a CPO could help with legal and compliance issues related to data management.

The full biennial report on state-level cybersecurity will be released at NASCIO's annual conference in October.

About the Author

Matt Leonard is a reporter/producer at GCN.

Before joining GCN, Leonard worked as a local reporter for The Smithfield Times in southeastern Virginia. In his time there he wrote about town council meetings, local crime and what to do if a beaver dam floods your back yard. Over the last few years, he has spent time at The Commonwealth Times, The Denver Post and WTVR-CBS 6. He is a graduate of Virginia Commonwealth University, where he received the faculty award for print and online journalism.

Leonard can be contacted at mleonard@gcn.com or follow him on Twitter @Matt_Lnrd.

Click here for previous articles by Leonard.

inside gcn

  • high performance computing (Gorodenkoff/Shutterstock.com)

    Does AI require high-end infrastructure?

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group