Cyber, mobile and managed services: What state CIOs are saying
Connecting state and local government leaders
NASCIO's latest poll of state CIOs explores a wide range of IT problems and priorities.
SALT LAKE CITY -- If there's good news on the cybersecurity front for state governments, it's this: Virtually every CIO now has the attention and support of top state officials to address the growing threats. In the just-released 2015 State CIO Survey, just 2 percent of respondents -- that is, a single CIO -- cited "lack of executive support" as a major barrier to cyber preparedness.
Far more, however, said that increasingly sophisticated threats (77 percent), inadequate funding (64 percent) and a lack of trained security professionals (62 percent) were complicating cybersecurity efforts in their state.
And while 84 percent of respondents said their state has adopted a cybersecurity framework based on national standards and guidelines, just 52 percent have documented the effectiveness of their cyber programs, and only one in five have obtained cyber insurance.
The survey, conducted by the National Association of State CIOs, Grant Thornton and CompTIA and released Oct. 13 at NASCIO's annual conference in Salt Lake City, covered a wide range of other IT issues as well.
On the subject of managed services, for example, virtually every state is taking advantage of as-a-service IT. Fully 93 percent of respondents reported using software-as-a-service; 73 percent said infrastructure-as-a-service is part of their state's portfolio, and 56 percent are using some form of platform-as-a-service.
Florida CIO Jason Allison, speaking at an Oct. 13 panel that focused on the survey, said that his state had been moving toward managed services for some time. "We find ourselves actively shrinking our data center footprints," he said, "and moving out of providing [various IT services directly], and looking to source those services."
Connecticut CIO Mark Raymond who also took part in the panel, agreed. "The recognition that we can't do it all ourselves is what you're seeing in those [SaaS] application numbers," he said.
Raymond cited his own state's experience in the wake of the Sandy Hook Elementary School shootings in 2012. There was some 9 gigabytes of data on the investigation that needed to be released, he said -- and if Connecticut had tried to host that data itself, "technology would have been the story, where we were in the way."
Instead, Raymond said, his office put the data into Amazon's cloud. "We were seeing 20,000 simultaneous users," he said, but there was never a hiccup -- and the total bill was $6,000.
Grant Thornton Managing Director Graeme Finley, who presented the overall survey results, said that while some states will likely always own and operate virtually all of their IT, "some model of hybrid managed services seems to be the dominant model."
And SaaS applications are by far the most popular, he added: "It's almost a universal it this point."
Mobile services, meanwhile, were deemed either "essential" or a medium or high priority for 91 percent of survey respondents. Most (71 percent) were pursuing a mixture of dedicated mobile apps and mobile-friendly websites; just 6 percent said they were committed exclusively to one approach or the other, while 23 percent said their state did not have a clear mobile direction at this time.
The full survey results, which also cover procurement, shared services, data management and the many roles of a CIO, are available on the NASCIO website.
And overall, NASCIO Executive Director Doug Robinson said, demand seems to be growing for flexibility in sourcing, software and services.
"Agility in these three dimensions is very, very important to the success of CIOs," Robinson said.
NEXT STORY: Industry Executive of the Year: David Moskovitz