IT security standards are explained in new NASCIO publication
State information technology (IT) officers can face a bewildering array of security frameworks, so the Lexington, Ky.-based National Association of State Chief Information Officers (NASCIO) has released a guide to navigating the regulatory labyrinth. “Desperately Seeking Security Frameworks — A Roadmap for State CIOs” provides an overview of security standards, regulations and laws, and discusses their effects on a state’s security architectures, policies and standards.
IT security standards and regulations can come from many sources, including federal agencies, national and international standards bodies, or as best practices promoted by private companies. “This brief should make clear that the standards environment for IT security is complex and dynamic, but I would underline the criticality of state CIOs selecting a security framework to drive their programs forward,” said Michigan CIO and NASCIO Security and Privacy Committee Co-Chairman Ken Theis in a statement. “The security of the digital infrastructure maintained by state IT programs makes this imperative.”
“Desperately Seeking Security Frameworks” is available as a PDF on NASCIO’s Web site.