Cybersecurity tops NASCIO priorities for 10th straight year

For the past decade, state CIOs have named cybersecurity as their top priority, according to NASCIO's annual list.
NASCIO banner
(Colin Wood / Scoop News Group)

For the 10th consecutive year, cybersecurity and risk management topped state chief information officers’ top priorities, according to the annual list published Monday by the National Association of State CIOs.

Digital government services remained in a familiar No. 2 spot, for the fourth straight year, but the rest of NASCIO’s list showed that its members are shuffling their priorities heading into 2023, as concerns about the future of state IT take hold. Workforce issues ranked third, with state CIOs focused not just on hiring new employees, but also redefining how government tech jobs are designed.

In previous years, the IT workforce ranked seventh, but the rise aligns with NASCIO’s recent surveys of both its CIO members as well as state chief information security officers. Both groups said it’s become increasingly difficult to recruit and retain workers for a variety of reasons, including the ongoing desire for remote work, a legacy of wonky job titles and descriptions and challenges in making the public sector appealing to younger workers entering the labor market.

Legacy modernization and identity and access management moved up to Nos. 4 and 5, respectively, while cloud services fell back to sixth place. Broadband, though, tumbled from third place to ninth — after a massive federal infusion of cash for high-speed internet access has started flowing to states. Enterprise architecture, which ranked eighth last year, fell off the newest list in favor of customer relationship management.


In an accompanying list of high-priority technology tools and practices, state CIOs also named identity and access management tools — including multifactor authentication — to the No. 1 spot. The lack of MFA implementation continues to be a problem across the public sector, especially in ransomware-wracked school systems where, according to one recent report, 81% of districts have not fully adopted the procedure.

Several other tech tools repeated as well, including robotic process automation and low-code or no-code software development.

NASCIO’s 2023 Strategies, Policy Issues and Management Processes:

  1. Cybersecurity and risk management
  2. Digital government and digital services
  3. Workforce
  4. Legacy modernization
  5. Identity and access management
  6. Cloud services
  7. Consolidation and optimization
  8. Data and information management
  9. Broadband and wireless connectivity
  10. Customer relationship management

NASCIO’s 2023 Technologies, Applications and Tools:

  1. Identity and access management
  2. Legacy application modernization
  3. Cloud solutions
  4. Software-, infrastructure-, platform-as-a-service
  5. Security enhancement tools
  6. Artificial intelligence and robotic process automation
  7. Data analytics
  8. Low-code and no-code software development
  9. Enterprise resource planning
  10. Business process integration tools
Benjamin Freed

Written by Benjamin Freed

Benjamin Freed was the managing editor of StateScoop and EdScoop, covering cybersecurity issues affecting state and local governments across the country. He wrote extensively about ransomware, election security and the federal government’s role in assisting states and cities with information security.

Latest Podcasts