NASCIO calls on states to develop advanced cyber analytics capabilities

A new report released Thursday from the National Association of State Chief Information Officers recommends states bolster their cyber defenses through advanced cybersecurity analytics.

With the global cost of cybercrime exceeding an estimated $375 billion annually, the National Association of State Chief Information Officers is calling on states to ramp up their cybersecurity programs and invest specifically in advanced cybersecurity analytics.

In a report released Thursday, NASCIO partnered with the U.S. Justice Department through a grant from the Bureau of Justice Assistance, to define advanced cybersecurity analytics and make the case to states for the need to invest in the technology now.

“We’re making a call to action to states and territories to make investment in cyber analytics a priority,” New Mexico Chief Information Officer and NASCIO President Darryl Ackley, said in a release.”

Cyber analytics applies “big data tools and techniques to capture, process and refine network activity data,” according to the report. In addition, it also includes the use of algorithms for near-real-time monitoring of network nodes and the use of visualization tools, allowing security and network operations center analysts to monitor cybersecurity-related activity.


If implemented fully, cyber analytics can reduce the time it takes to detect threats on state networks. It can also lessen the time it takes for states to respond — something especially important in an era of growing cyber threats, the report said.

“In the future, advanced persistent threats will become more and more sophisticated,” NASCIO executive director Doug Robinson said in a release. “States must move away from merely waiting for the next attack and respond to a more predictive stance in anticipating attacks so they can put necessary defense in place in advance.”

To get started, the report recommends states:

  • Develop a strategic plan for advanced cyber analytics
  • Build a team devoted specifically to cyber analytics including the state chief information officer and state chief information security officer
  • Put in place policies to share data across the enterprise
  • Build a real-time ecosystem for sharing threat intelligence and best practices
  • Implement a training program to ensure employee cybersecurity awareness
  • Establish collaborative relationships across agencies and sectors to ensure best practices on cyber

In NASCIO’s 2014 cybersecurity study with Deloitte, only 7 percent of states said they had fully implemented advanced cyber analytics. The association pointed to the successful implementation of the process in Maricopa County, Arizona and Miramar, Florida as well as other cities and agencies across the country.


The new report from the association builds on another cyber-related report released earlier this month that urged state CIOs to establish plans for how to handle cyberattacks on critical infrastructure.

Contact the reporter who wrote this story at and follow him on Twitter @JakeWilliamsDC.

Jake Williams

Written by Jake Williams

Jake Williams is a Staff Reporter for FedScoop and StateScoop. At StateScoop, he covers the information technology issues and events at state and local governments across the nation. In the past, he has covered the United States Postal Service, the White House, Congress, cabinet-level departments and emerging technologies in the unmanned aircraft systems field for FedScoop. Before FedScoop, Jake was a contributing writer for Campaigns & Elections magazine. He has had work published in the Huffington Post and several regional newspapers and websites in Pennsylvania. A northeastern Pennsylvania native, Jake graduated magna cum laude from the Indiana University of Pennsylvania, or IUP, in 2014 with a bachelor's degree in journalism and a minor in political science. At IUP, Jake was the editor-in-chief of the campus newspaper, The Penn, and the president of the university chapter of the Society of Professional Journalists.

Latest Podcasts