Five big state IT stories that made 2024

This year proved to be a busy one for state technology leaders. But across state lines, a handful of big stories took center stage in 2024.

Each state contended with a variety of issues created by evolving technology, natural disasters, cyber threats and digital inequality this year. But, in addressing these common challenges, common opportunities emerged for innovation, resulting in several themes that transcended differences among the states, their tech operations and political party lines. 

Here’s a closer look at the five biggest IT stories that defined 2024 for state governments.

Generative AI boom

The biggest IT story across many states in 2024 was the exploration and deployment of generative AI, which kicked into high gear this year. Many state governors in 2023 took regulatory actions such as issuing executive orders on the tech or creating working groups or task forces to lead AI policy creation, and the trend continued this year. State policymakers introduced nearly 700 pieces of AI legislation in 2024, and even more are predicted for 2025.

So far, more than 30 states have formed a task force to advise on AI, an advisory council or an alliance among public and private sector partners to ready states, their agencies and legislative bodies to take advantage of and manage the technology. And those groups began work this year. For example, Texas’s Artificial Intelligence Advisory Council, according to Chief Information Officer Amanda Crawford, has met five times in 2024 and is slated to release a report detailing new guidelines and recommendations for state lawmakers soon.

Once-theorized use cases for generative AI also became a reality in many states this year. Pennsylvania made waves in January becoming the first state to announce it had bought ChatGPT licenses from AI company OpenAI for members of its Office of Administration to participate in a pilot of the technology, signaling an embrace of AI in government operations. Unemployment offices like New Jersey’s also began deploying the tech to assist with translation for non-English speaking residents.

While many states made great strides to get ahead of the AI curve this year, they often came with leeriness. Some state officials described the process of incorporating generative AI into state operations as “building a plane in flight,” citing challenges like training their workforces to understand how to use the new capabilities and tools. Some of these headwinds — in addition to some states contending with unclear governance and ethical frameworks, the lack of technology infrastructure, and funding — were the fodder for a September survey by Ernst & Young that showed state and local government agencies lagging behind the federal government on AI adoption.

But beyond a natural skepticism of the newer technology, the capabilities and possibilities presented by generative AI are exciting state government leaders and employees alike. However, state leaders made it clear adoption needed to be done in lockstep with strong governance, guidelines and leadership around the technology. 

But before AI, states need better data

In the process of expanding and exploring AI uses this year, many state governments discovered they needed better data quality and governance, a trend that became the year’s second biggest story. 

While the role of the chief data officer has become a fixture in state IT leadership in recent years, duties of the CDO — which include improving a state’s data infrastructure and facilitating data sharing — this year grew to include preparing data for AI consumption. And with a survey published by NASCIO and EY in September finding that only 22% of states operate data quality programs, the urgency to improve state data governance increased exponentially. 

“One thing all states can tell you is that our data is probably not in the best shape,” Georgia CIO Shawnzia Thomas said in October. “Right now, we’re trying to make sure we get all our agencies to delete all the data that you don’t need.”

In California, Chief Data Officer Jason Lally said a good first step in tackling statewide data projects is for each agency to agree on definitions, including “data collection,” “privacy” and “security.” Many states this year began exploring data literacy programs to inspire change in the culture of day-to-day government work to be more data-friendly. But Indiana Chief Data Officer Josh Martin said in March this can be as challenging as any other business culture shift.

Another step agencies must take is bridging the state data silos, but in some cases, this requires the state to take a more measured approach. Outgoing North Carolina CIO Jim Weaver said in October that resolving his state’s data issues ahead of widespread generative AI adoption needed to be “segment by segment, set by set,” instead of attempting to tackle the entire problem at once.

Infrastructure as a cyber target

While state and local governments suffered their fair share of cyberattacks in 2024, the cybersecurity of critical infrastructure received a new level of attention and scrutiny, becoming the third biggest state IT story for the year. 

Cyberattacks on critical infrastructure — the collection of 16 sectors like energy, communications, information technology, transportation and water utilities that serve as the backbone for daily life — are known to have cascading effects on national security, public health and safety. Earlier this year, a report published by the cybersecurity firm KnowBe4 called cyberattacks on power grids, communication systems, transportation networks, ports and other infrastructure “the new geopolitical weapon,” and a rising threat to state governments. 

A November memo from the Environmental Protection Agency’s Office of Inspector General found that of the 1,000 public drinking water systems serving 193 million people that the office scanned for cyber vulnerabilities, 97 had critical- or high-risk vulnerabilities. Another 211 water utilities had “medium” or “low” risk security vulnerabilities, such as “externally visible open portals.”

“This critical infrastructure sector faces various threats from cyberattack, theft, vandalism, and other risks that can affect public health and leave communities vulnerable to the loss of clean water. This challenge is not hypothetical,” Nicolas Evans, the office’s acting assistant inspector general, said in his Nov. 13 memo. “Recent high-profile incidents at water systems have demonstrated the urgency needed to address cybersecurity weaknesses and vulnerabilities to physical attacks.”

Many state, local, tribal, and territorial governments are the first line of defense against cybercriminals seeking to disrupt the operations of critical infrastructure, but they’re often short on cybersecurity funds. To address these challenges, the Cyber Infrastructure and Security Agency and the Office of the National Cyber Director in December published a guide for federal agencies that manage cyber grant programs to help state and local operators of critical infrastructure build cyber resilience into their grant programs. 

And states are taking their own actions against the threats. For example, Indiana announced this month that it would make cybersecurity assessments free to the state’s water and wastewater treatment facilities, with CIO Tracy Barnes stating the program was in reaction to the growing trend of cyberattacks volleyed against the state’s critical infrastructure. Kansas is running a promising cybersecurity training program targeted toward critical infrastructure, and it’s gaining attention from other states, including California, Maryland and Texas.

Monies to close the digital divide

While state IT offices have paid plenty of attention to the gaps in access to broadband over the past several years, the efforts undertaken in 2024 to close the digital divide — the gap between people who have access to digital technology and internet, and those who do not — and the federal funds states received to do so developed as another top story.

This year, all 50 states, Washington, D.C., and Puerto Rico had their digital equity plans approved by the National Telecommunications and Information Administration, allowing many states to begin taking action on how they would use their piece of the $2.75 billion in funds for states created by the Digital Equity Act in the 2021 infrastructure bill and President Joe Biden’s “Internet for All” initiative.

Each plan was unique to the state’s needs in addressing residents’ digital access, skills and ability to afford internet services. For example, Colorado’s plan focused on improving digital inclusion for low-income households, aging populations, incarcerated individuals, veterans, people with disabilities, those who do not speak English as their first language, racial and ethnic minorities, and rural communities.

In addition to applying for digital equity funds, states also spent time this year submitting proposals to receive funds from the $42.45 billion federal Broadband Equity, Access and Deployment, or BEAD, program. All 50 states submitted their initial proposals detailing how they would use the funds to address the lack of high-speed internet access in rural and small communities at the end of last year, with many receiving approvals this year.

However, some state officials complained this year that federal guidance published in August on BEAD grants was conflicting and potentially disruptive to their projects. The guidance retracted its earlier preference for fiber optic connectivity in favor of cheaper broadband technologies for remote locations, where fiber connectivity would be too expensive, potentially depleting the program’s funding.

Despite the conflict and workforce challenges to build broadband networks, many states are moving ahead with their broadband expansion projects, with state tech leaders this year noting that among the multitude of benefits of closing the digital divide, the work also presents the opportunity to improve cybersecurity for small and rural communities.

Using tech to combat natural disasters

Similarly to 2022 and 2023, this year was filled with natural disasters and climate-related threats. How agencies used technology to combat and respond to these emergencies was the fifth biggest state IT story of 2024. 

Some state IT leaders brought lessons learned about natural disasters last year into 2024. Following historic flooding in Vermont in 2023 that took down communication towers and challenged emergency response efforts in and around the state’s capital of Montpelier, Denise Reilly-Hughes, Vermont’s CIO, said she was prepared for this year’s flooding, which was caused by heavy rainfall in July. She said in October that flexible response plans, evaluating cyber risks expeditiously and collaborating with emergency management leaders all have become “new normals” in her job as a result of the flooding events. 

In Hawaii, last year’s disasters were also still fresh in 2024. A year after the Lahaina wildfires devastated the island of Maui, the Maui Emergency Management Agency updated its emergency preparedness and evacuation management systems to better protect residents and tourists from disasters. The Lahaina wildfires — and Hurricane Helene in Florida and North Carolina this year — illustrated the critical need for advanced emergency alert systems to be resilient when providing timely and targeted updates to residents and visitors.

Following Hurricane Helene, Gary Thompson, North Carolina’s deputy hazard mitigation officer, shared plans to upgrade the state’s critical communication systems with ultrasonic radar sensors and satellites so they can continue to predict flood zones, issue evacuation warnings and deliver critical information to residents about incoming storms. 

In Florida, ahead of this year’s hurricane season which was predicted by National Weather Service forecasters predicting storm activity to be “above normal,” protecting communications among state agencies, emergency management partners and law enforcement during and in the aftermath of weather events were focuses for several Florida cities this year. 

Across the state of Florida, the challenges created by natural disasters like hurricanes presented opportunities for innovation. Following one of the year’s stronger storms, the deadly Category 3 Hurricane Milton, Florida launched its Broadcast Emergency Alerting and Communication Operational Network, or BEACON. The tool uses artificial intelligence to convert text into speech for AM radio broadcasts, allowing government officials and emergency personnel to craft important public alerts quickly, freeing up emergency responders to focus on other tasks.