Ever heard the phrase, "What's good for the gander, is good for the goose?" In government, the sentiment holds true. What is good for the federal government, is good for the state and local governments too.
That is why the National Association of State Chief Information Officers (NASCIO) has released their annual list of federal priorities. In GovLoop's State and Local Spotlight interview, NASCIO's CIO Mitch Hericks told the top priority at every level of government is cybersecurity.
"State CIOs are basically the Governor’s appointee on IT policy in virtually every state. With $600 billion dollars in federal programs moving from federal programs to the states to be distributed to citizens, it is important that the relationship is done in the most efficient manner possible. Our members have a vital interest in the policies that are made at the federal level," said Hericks.
#1 Cybersecurity is the number one priority.
"Cybersecurity has certainly been making news. We have been involved in pounding the table on cyber issues for some time now. Obviously with the data breaches that have taken place over the past few years and the exponentially increasing threats, cyber has been something that more people are understanding. States essentially have a huge amount of data on individual citizens and critical infrastructures. There is a significant stake in making sure that federal and state policies is aligned," said Hericks.
- Key Insights: "From the state CIO perspective there are large state databases to secure. In order to make that happen, federal participation is necessary. We are very glad that the NIST framework was put into effect, but creating a state and local overlay for that framework is also key. The overlay takes into account the mandates and authorities that the federal government puts on state and local governments. I think with collaboration we all want to row in the same direction and make this happen."
What's the first step to increase cybersecurity protections?
"The first step is for state and local government to know where they stand. The National Cybersecurity Review (NCRS) that is being done right now, is a survey by DHS. We are participating in that survey along with a few other organizations to help make that happen. We are getting information from individual state and local governments and aggregating that to get a sense of how far along they are in securing their data environment. We want to make sure they have the proper tools when it comes to cybersecurity. We should have those results in the next month or two. We think that is a great starting off point for talking about what needs to be done in each of these individual states and localities to make sure we are all doing the right things," said Hericks.
#2 Collaboration is the number two priority.
"We want to facilitate and foster an environment where those who are willing and ready to share can have that happen. You have to create the correct environment for that. To do that, you have to have some sort of data standardization. It is not so much about the willingness, although that is something you have to build trust to, but we also have to create an environment to build that trust. A lot of that is by creating common definitions, that way we are comparing apples to apples. People also need to know who they are sharing the information with so they feel comfortable that the information is not going to be used in a manner they don't expect. Ultimately that will not just improve government effectiveness and efficiency, but you will also get better security overall," said Hericks.
#3 Hiring IT folks is the number three priority.
"There is no silver bullet. We all know the federal government is having a hard time attracting talent, but at least they have the coolness of saying I work for the federal government on cybersecurity at an unnamed entity. State and local governments have a harder time attracting talent, but they are doing all sorts of things to hire people. They are working with local universities and colleges and creating special internship programs and fellowships. They do their best to retain the people from there. We want to work with the federal government to find ways to attract more of that talent upfront and retain the talent overtime," said Hericks.
If you want to learn more about the First Net Authority or NASCIO’s federal priorities you can email me at [email protected]. My name is emily jarvis and you have been listening to GovLoop's State and and Local Spotlight interview. You can find all of our interviews under keyword "Emily's Corner." Thanks for listening.