IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

State Technology Leaders Focus on Procurement, Cybersecurity and Agile

The National Association of State Chief Information Officers (NASCIO) held their Midyear Conference in Baltimore this past week. There were plenty of hot topics on the agenda, including: enabling innovation through agile software development, the continuing need for procurement reform and a big push on cybersecurity.

NASCIO16 3.JPG
NASCIO Midyear Conference 2016 in Baltimore - credit: Lohrmann
From the opening keynote highlighting what it takes to be a successful technology leader in 2016 to the closing general session to determine “are you smarter than a state CISO,” the 2016 NASCIO Midyear conference was packed with thought-provoking content. The mix of speakers, panels, breakout sessions, “speed networking” (by jumping to different tables to discuss hot projects with leaders from various states) and other engagement was outstanding, in my opinion.

The conference kicked-off with one of the best opening keynotes that I have seen in the past few years. Scott Klososky's views on technology-infused leadership offered interesting stories and helpful analogies that certainly raised the bar for public- and private-sector attendees. 

I can’t go through all of Scott’s keynote points here, but one of his best takeaways was on being a “High Beam Leader” and not just a “Low Beam Leader.” The major difference is whether you are just managing the operation (low beam) versus seeing the future accurately and leading the organization into what’s truly next.  

Here’s an excerpt from a talk Scott gave last year where he described what it means to be a “high beam” leader.



Here’s another earlier excerpt from a talk that Scott Klososky gave last year, which covers some of the same material from the recent NASCIO Midyear Conference. 



I especially liked how Scott wrapped up the keynote with a challenge to each technology leader to leave a lasting “digital legacy” in their situation that:

  • You pioneered new uses
  • You invested in the future
  • You implemented new processes
  • You left a winning digital strategy
The second session on procurement reform looked at what’s working and what’s not regarding procurement practices across the states. Procurement is a challenging area, with frustrations from the vendor community as well as the government technology leaders in the states.  

Everyone on the panel agreed that unlimited liability requirements "needed to go" in government contracts. But beyond that, there were pros and cons regarding various suggestions — including a big push toward agile software development processes — which is largely viewed positively by the state leaders.

Back in late February 2016, NASCIO issued this call for state IT procurement reform. Here’s an excerpt:

NASCIO believes that there are five actions that states can take to improve the IT procurement process:

I really like this state overview (with video clips of various CIOs) that Noelle Knell and Steve Towns from Govtech.com put together from this week, which provides current agile development activities in several states.

NASCIO Midyear Conference 2016


Cybersecurity Stays Front and Center for States

There were several sessions addressing privacy and cybersecurity actions, and NASCIO issued this press release on May 6, 2016, which calls for a stronger federal-state partnership on cybersecurity. Here’s a brief excerpt:

Today NASCIO members engaged with strategic partners, representatives from Capitol Hill, federal officials from U.S. Department of Homeland Security (DHS), Internal Revenue Service (IRS), and FirstNet to emphasize the need for strong partnership between federal and state governments. More than 30 state CIOs and state technology policy officials participated in NASCIO’s 2016 Fly-In, where they had the opportunity to advocate for NASCIO’s 2016 advocacy priorities. ...

DHS’ Assistant Secretary for Cybersecurity and Communications, Dr. Andy Ozment, spoke to federal cybersecurity resources available to state governments on how state CIOs can take advantage of those offerings. State CIOs also received a DHS briefing focused on lessons learned from the attack against Ukrainian power infrastructure in December 2015. ...

There was an excellent breakout session on privacy actions in the states on Thursday afternoon, which covered the evolving privacy policies, different governance approaches and the future of privacy legislation. NASCIO recently launched a privacy sub-committee within its membership to cover a long list of items related to data sharing.

NASCIO Privacy Breakout Session


Final Thoughts

Leadership and governance changes, such as those announced this week regarding the centralization of cybersecurity in California, will continue to accelerate in state governments. Therefore, the collaboration efforts taken by organizations such as NASCIO and the National Governors Association (NGA) have become even more vital — so that states can learn from best practices, successes and failures in other states.

NGA announced a state cyber policy academy in April, and efforts by NGA go back several years to the establishment of the Resource Center for State Cybersecurity. Back at the 2013 NGA Winter Meeting, I offered these seven actions for state leaders to consider on cybersecurity.

I have attended dozens of NASCIO Midyear and Annual Conferences over the past two decades, and I can say without hesitation that I found this event to be in the top tier of events held.

NASCIO 2016 Closing Session - "Are You Smarter Than a CISO"


Why? I saw more interactive and fast-paced sessions with opportunities for public- and private-sector pros to engage in meaningful dialog in helpful ways.

Nevertheless, the challenges and pressures facing state governments are immense, and the turnover among CIOs and CISOs remains high. I don't see this trend changing with 12 gubernatorial elections in 2016. The turnover will likely accelerate again in 2018 when many more governors are term-limited

This turnover of leadership is also true in cybersecurity leadership. I heard from a trusted colleague at Deloitte, who was putting together the next biennial cybersecurity study of the states (the last NASCIO study can be found here), that 24 new CISOs are filling out the survey in this round. This turnover has occurred in just two years. Those cybersurvey results will be announced at the NASCIO Annual Conference in September.

I was encouraged by the additional steps that NASCIO and NGA are taking to further collaboration on cybersecurity, and I plan to cover more details on next steps this summer.

 

 

 

 

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.