The end of the year means two things: setting unrealistic New Year’s resolutions and endless retrospectives. While we can’t force you to put down the cake and pick up a carrot, we can help you do your job better by highlighting some of the biggest and best innovations to come out of government in the last 365 days. Throughout December the DorobekINSIDER will sit down with government experts to talk about the hurdles, wins and challenges in 2013. (You can find all the interviews here.)
End Of Year Innovator: Doug Robinson, NASCIO Executive Director
“For the States, the theme of 2013 was cybersecurity. Major cybersecurity headlines included incidents and data breaches in the states. We spent a lot of time talking about growing IT security threats, both the growth of the number of threats, as well as the velocity of those threats and the consequences of those threats. IT security came back in full force to take the number one position for the topic of conversation in 2013,” said Robinson.
“The bad actors, the nation-state acts, got a lot of attention. But for states it is all about the data. The bad guys are all about getting the data for criminal activities, identity theft, third party sales,” said Robinson. “But if you look at the actual causal factors – the data breach – it is still inadvertent exposure. It is non-malicious, but you have a lot of state employees and contractors who are not protecting data, so the number one cause of data breaches in the public sector still seems to be inadvertent exposure by employees and contractors. That seems to happen on a regular basis,” said Robinson.
The State CIOs are still focused on operational cost savings, looking at alternative sourcing strategies, different ways to optimize their environment and reduce their overall spend. But we have seen a bit of a recovery. It has not been a strong recovery. Added to that, you see decreasing funds from the federal side, sequestration has had a significant impact on state and local governments because their high reliance on federal dollars. Most states, almost 30% of their budget comes from federal sources, so it can have a big impact,” said Robinson.
Right people in the right job?
“In two major recent surveys we asked questions related to personnel. I can tell you that with both State CIOS and CISOs the inadequate availability of security professionals is a relatively high priority in terms of the barriers and challenges,” said Robinson.
The other main personnel challenge is the compensation level. You have both the private sector and the federal government all looking to the same pool of cybersecurity professionals.
Inadequate availability. 55% of state CIOs said that was a major barrier.
Competency of current cyber pros is down. When the budgets get tight training and other professional developments slowed down. So, you may not have enough of the right people.
Retirement of existing pros.
“It is a triple whammy because it is difficult to recruit, but you have also had a number of CIOs retire out of state government, it is very difficult to replace them,” said Robinson.
What’s happening in 2014?
“We asked our CIOs to forecast their priorities for 2014, cybersecurity moved up to number one. It has been on the list for the last 8 years. It was number one back in 2005 but then it positioned itself in the middle of the top 10, but clearly with what took place in 2013, they put cybersecurity back in first place. Consolidation and optimization moved to the number two spot. It had been in first for the last three years. Cloud was third,” said Robinson.
Year In Review Interview: