Risk-based approach best for govt security: NASCIO


By Dylan Bushell-Embling
Wednesday, 26 April, 2017

Risk-based approach best for govt security: NASCIO

A risk-based cybersecurity approach is the best tactic for state government data, a new brief from the National Association of State CIOs (NASCIO) argues.

The report asserts that governments taking a risk-based approach produce more accurate assessments, present reduced attack surfaces and exhibit improved decision-making.

It recommends that governments take an enterprise mentality by bringing together previously silo-based security and IT tools and allowing for ongoing and continuous data monitoring and assessments.

A survey of US state CIOs shows that data management and analytics is a top priority for 2017, along with security and risk management, cloud strategy and legacy IT modernisation.

NASCIO President and CIO of the state of Connecticut Mark Raymond said today the true value of a state often resides in its data assets, including the information it collects, develops and stores as well as the products and services it develops based on this information.

Reaping the benefits of this data hinges on data classification, defined in the report as “a process that identifies what information needs to be protected against unauthorized access, misuse and the extent to which it needs to be secured and controlled”. More sensitive data requires more extensive levels of protection.

“A risk-based approach to cybersecurity is ideal for state governments because it enables incremental and measurable improvement. Data classification is a critical step in the process of understanding the critical data we protect,” Raymond said.

Data classification practices need to be continually updated as systems and system data change, he added.

Image courtesy of Zappys Technology Solutions under CC

Follow us on Twitter and Facebook

Related News

Careless employees cause 80% of Australian data losses: report

While organisations are investing in DLP solutions, a report by Proofpoint shows that those...

Intercede launches MyID MFA 5.0

Intercede has introduced a range of enhancements to its MyID MFA multi-factor authentication...

23% of connected healthcare devices vulnerable to attack

New research from Claroty indicates that a high proportion of medical devices connected to...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd