NASCIO goes to Washington

Twenty-one state chief information officers met this week with congressional lawmakers and their staffs on Capitol Hill to discuss concerns over cybersecurity, data sharing, privacy, and health information exchange.

For the fourth consecutive year, members from the National Association of State Chief Information Officers are holding their midyear conference this week in Washington, D.C., to remind federal officials that the association can be a valuable resource on a range of issues. Tom Jarrett, Delaware's CIO, said his fellow state CIOs held 60 meetings with federal officials on May 4.

Jarrett said cybersecurity has emerged as the top priority in states. For example, Delaware agencies now see a daily average of more than 2,000 attempts to break into their systems, compared to 500 last year.

It's "definitely the thing that keeps us up at night," Jarrett said, during a press conference.

Several other CIOs echoed similar concerns in their states.

Iowa CIO John Gillespie said his state receives 1.3 million unsolicited requests against its routers daily. He said attackers are becoming more organized. "Their goal in life is: 'How many servers can I claim?' " Gillespie said. "It's not a couple of servers. It's thousands."

South Dakota has seen simplistic to sophisticated attacks come from worldwide on government and educational institutions, ranging from kindergarten through college, said Otto Doll, the state’s CIO. “It’s a race to stay ahead of the curve,” he said.

CIOs said they would like to collaborate with federal officials on policy changes that could benefit the cybersecurity of state governments.

Wisconsin CIO Matt Miszewski said he met with House Judiciary Committee staff members and talked about the impact of the Real ID Act. Committee Chairman Rep. James Sensenbrenner (R-Wis.) is the sponsor of the act.

The act, which was included in the supplemental conference report by Congress on May 3, contains a wide range of immigration related issues. State officials worry about several driver's license requirements that critics describe as too stringent and costly. One requirement would force states to incorporate a minimum set of features and information into machine-readable driver's licenses and identification cards, among other things.

It would also effectively end the work of a government rulemaking committee made up of several state representatives and others who had just begun to develop minimum driver’s license standards as required by the Intelligence Reform and Terrorism Prevention Act of 2004.

Most observers expected the final version of the Real ID Act to pass the House today and the Senate next week. State officials want to play a role in the development of ways to implement the Real ID Act’s measures, Miszewski said. "We need to have the voice of state CIOs and voice of states in general as federal mandates come up," he said.

Even if the federal government does not provide enough money to implement Real ID provisions, the reality is that states still have to deal with the measure when it's passed, Miszewski said.