The role of Chief Information Officers (CIOs) at the state level of government is changing. As the responsibility of IT purchasing shifts to business units and end users, CIOs are having to juggle new technology demands, opportunities and risks. As we've seen frequently this year, many of these new demands are being driven by a mobile- and cloud-hungry workforce.
The Adaptable State CIO, published jointly by the National Association of State Chief InformationOfficers (NASCIO), Grant Thornton LLP and CompTIA, looks at the opinions of CIOs within 50 NASCIO member states. The survey touches on several current issues, including: the role of outsourcing and managed services, data management and security, project development, and cloud use.
According to the survey, over 70% of CIOs indicated they had “cloud first” policies that had been implemented either formally or informally, or were in development. While the push to move digital archives into the cloud is still strong among State CIOs, there were also new trending use cases for cloud solutions. Disaster recovery and data storage, in particular, were under consideration by a large percentage of CIOs surveyed this year. There has also been a marked shift in favour for public cloud models. While private cloud models are still the uncontested preference among State CIOs, it seems the public cloud has grown more popular than community or hydrid models.
The survey also revealed some insights into the use of mobile devices and applications within State governments. Over half of CIOs rated these projects as “essential” or “high priority.” However, the majority of CIOs (65%) also admitted that less than 20% of their current applications were actually mobile-ready. Employee use of these mobile applications was also notably low. These results indicate that current mobile applications are not meeting the needs of employees, which is one of the drivers behind the explosive growth in cloud apps and Shadow IT.
Overall, State governments have made positive inroads in adopting cybersecurity disruption response plans. Most CIOs (94%) have adopted a cybersecurity framework based on national standards and guidelines. Although these responses are positive, current trends indicate that data breaches at government agencies continue to rise. Existing standards are therefore either inadequate or inadequately applied.
State CIOs can play a positive role in helping to adapt to changing circumstances, including those that affect data. In particular, creating a top-down culture of security, with ongoing education and prevention, can help support technologies put in place to increase visibility and control over data. In our whitepaper, Five Steps to Prevent Data Breaches in State and Local Government Agencies, we lay out a layered approach to security that will allow state and local government IT security leaders to effectively take back control to prevent and remediate data breaches appropriately.