IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

NASCIO Midyear: Day One Takes on Cybersecurity, Innovation and Analytics

Monday's programming dove deep into top-of-mind issues for state CIOs.

BALTIMORE — Afternoon sessions at the NASCIO Midyear conference took a closer look at some of the issues state CIOs focus on the most. Three half-hour "deep dives" ran the gamut from cybersecurity to data analytics to innovation, and attendees were encouraged to ask questions of presenters, ensuring everyone got as much out of the event as possible. These short but impactful sessions allowed for a free-flowing exchange of ideas and built on the networking and community-building activities earlier in the day.

Innovate Oklahoma

While Oklahoma isn’t usually thought of as a hot bed for govtech startups, state IT leadership there is working to change that.

In a deep dive session Monday afternoon, Oklahoma Director of Technology Services Dustin Crossfield explained the state’s approach to fostering innovation, bringing together citizen needs, entreprenurial energy and government knowhow. Innovate Oklahoma is a partnership between the Oklahoma Center for the Advancement of Science and Technology (OCAST), Innovation to Enterprise (i2E) and the state Office of Management and Enterprise Services (OMES), and aims to transform how state government works while growing the region’s high-tech sector.

Crossfield described the process by which ideas go from idea to realization. First, a citizen creates a “challenge submission” on innovate.ok.gov. Technologists from the community then see those challenges and offer solutions in various stages of realization. Those citizens and tech experts then collaborate with OMES and other state agencies to turn ideas into real tools that the government can use to improve citizen services — plus a new startup is created.

One company Crossfield pointed to as having moved through the Innovate Oklahoma process, from citizen idea to the final states before fruition, is Actovos, a DHS program that will use technology to help the Department of Human Services vastly expedite part of the foster system process, moving children into care in just 20 minutes, rather than up to one week.

Crossfield has set an ambitious goal for these Innovate Oklahoma projects: He envisions a four-week turnaround from the time the deal for a solution closes to its initial rollout. He said they haven’t quite made that yet, but stressed the importance of pushing innovation with deadlines.

And he hopes the program will help other states and jurisdictions as well. Entrepreneurs retain all of the intellectual property associated with their ideas, and Crossfield wants to promote their tech to other states, welcoming other states to engage with the companies and use their software.

CISO as a Service

A jurisdiction’s size doesn’t necessarily correlate to the size of its cybersecurity challenges. Just as many larger cities and states are lending their expertise to private businesses to get up to speed on the latest threats, Michigan is also assuming that role when it comes to local governments within its borders.

At an afternoon session, Andy Brush, deputy director of the Office of Infrastructure Management and IT manager for Washtenaw County, was joined by Michigan Deputy Chief Security Officer Chris DeRusha as well as Michigan CIO David DeVries, to talk about Michigan’s innovative CISO-as-a-Service program.

Last year, the state started a pilot program, initially working with nine jurisdictions. At the time, officials expressed a desire to expand the offering statewide. Asked how best to engage with cities and counties to encourage participation, Brush suggested connecting with existing organizations: “Find those naturally occurring groups and go to where those groups are,” he said.

A key element of the program is a common assessment that results in each jurisdiction having a baseline that allows them to prioritize their security strategy as well as track progress over time.

For those looking to replicate the program in Michigan, presenters suggested a six-pronged strategy: Determine service requirements; explore funding options; identify participants; identify champions; establish governance and draft legal agreements.

The biggest challenge in any cybersecurity-related endeavor, according to DeVries, is finding the staff to implement best practices needed to protect government assets. “Where do you get the supply of talent to do these things?” he asked, a problem faced in both the public and private sectors. 

North Carolina Government Data Analytics Center

The idea to “start small, focus strategically” was key to North Carolina CIO Eric Boyette’s approach to using data analytics to realize efficiencies and cost savings in his state.

The North Carolina Government Data Analytics Center (GDAC) is tasked with bringing together all data in the state and using it to make agencies throughout the state work better. Boyette outlined three key elements to getting such an endeavor off the ground: data governance, data standards and business processes.

He particularly emphasized the business aspect of forming a data hub like GDAC, explaining that while IT leaders and staff may have some degree of business experience, they’re technologists at heart. State agencies know what they need and can drive their own business efforts. The role of GDAC staff is to provide the tech to make that happen.

With a background in transportation, Boyette pointed to a number of transit-related use cases, including the creation of a Transportation Analytics Center. GDAC worked with the Department of Transportation (DOT) to analyze the agency’s needs, then brought together and analyzed data that could address those needs. They also worked with business process experts who could identify holes in the plan that GDAC may have missed.

When GDAC presented its findings, they showed that DOT had the financial ability to be proactive in their work, and enabled $267 million in savings for the department.

The driving point behind much of what Boyette said was that tech and data can be used to create practical solutions to complex problems.

So, he reiterated a key piece of advice: “Start small, and focus strategically.” Solutions from GDAC are oriented around a basic question: “What are we trying to solve?”

Lauren Kinkade is the managing editor for Government Technology magazine. She has a degree in English from the University of California, Berkeley, and more than 15 years’ experience in book and magazine publishing.