Tag Archives: privacy

Get to Know the CDO

Posted on by

Chief Data Officer (CDO) may be one of the newest C-suite designations, and it's quickly becoming one of the most important. With data-driven government becoming a mandate via the Federal Data Strategy and the Evidence Act, accountability around data management is essential. More than just a way to check a compliance box, having a CDO is a smart business decision in a world where data is critical to how government organizations interact with constituents. However, having a CDO is only a start. The CDO needs to be set up for success as well.

One report indicated that 60% of federal CDOs lack a clear understanding of their role. According to Gartner, a CDO is a senior executive who bears responsibility for enterprise-wide data and information strategy, governance, control, policy development, and effective exploitation. This role makes sure data is secured appropriately for access, as well as privacy concerns, and sets the rules and processes for managing the data lifecycle. The CDO also develops solutions to use that data to create business value.

Even if the role is defined within an organization, CDOs report they lack budget authority or insight into what budget they have to complete their jobs. This mirrors what we have seen with another "young" position, CIOs. Chief Information Officers have seen their role elevated by its measurement in the FITARA scorecard, and with that tracking, are getting more budget authority and input. In addition to budget, CDOs also need the authority to set and enforce policies and processes across their organization and, in doing so, streamline communication among related groups. Continue reading

Introducing Drones into the Government Toolkit

Posted on by

DroneFrom military missions to public safety applications to infrastructure inspections, drones have many applications across government. While the technology is ready for all of these applications (and more), there are complex regulatory and legal issues that are holding up their widespread use. These issues include airspace regulations (for the safety of manned and unmanned flights), privacy concerns (related to on-board cameras), and cybersecurity concerns.

While these issues are being discussed in the courts and across regulatory bodies, state and federal level agencies are taking steps to integrate drone usage into their processes. For federal agencies, drones are available on the GSA Schedule. State and local organizations are piloting a drone-as-a-service model that allows groups to use drones for specific-use cases without having to invest in the purchase and maintenance of the hardware.

There are a number of upcoming events that address both the technology and the policies that impact current and future drone usage. Continue reading

Blockchain: Are We There Yet?

Posted on by

Implementations and pilots of blockchain continue across government. The benefits of blockchain, including decentralization, immutability, security, and transparency, are appealing in government as they relate directly to mandates around security, privacy, and data openness. It is these needs that will drive further acceptance and use of blockchain.

As this article points out, innovation is not found in just one technology alone - it is a combination of inventions that when used together toward a specific goal create a new way of doing something. The example cited is the airplane. Human flight was made possible by the desire to travel faster and the combination of technologies and discoveries such as the gasoline engine and aerodynamics. Similarly, the goal of peer-to-peer transactions powered by blockchain will be achieved when the technology is combined with other innovations and processes. Some early successes fueling the wide application of blockchain include:

Continue reading

Facing the Cybersecurity Threat Head On

Posted on by

In October, ghosts and goblins come to life as decorations on front lawns and as candy-seeking children knocking on our doors. But stepping away from the frivolity of Halloween, October has also become a time for us to reflect on the real threats we face year-round when it comes to our data, identity privacy and online security.

National Cybersecurity Awareness Month (NCSAM), spearheaded by the Department of Homeland Security (DHS), is a "collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online." This year's theme is Own IT. Secure IT. Protect IT. Programs around the country will address topics including citizen privacy, securing consumer devices, and eCommerce security.

More than IT professionals talking to one another, NCSAM aims to reach out to the public to emphasize personal accountability and educate people about the importance of taking proactive steps to enhance cybersecurity at home and in the workplace. The NCSAM website has some handy guides that can be shared to educate people on these actionable steps.

Continue reading

Is IoT a Superhero or Villain?

Posted on by

The Internet of Things (IoT) is made up of webcams, sensors, thermostats, microphones, speakers, cars, and even stuffed animals. All of these connected devices can help individuals and organizations stay connected across geographic distances, keeping tabs on and managing assets from miles away. The data they collect can be combined with other data sets to create actionable advice for better management and service.

This holds incredible promise for local governments and federal agencies charged with maintaining safe operating fleets and facilities. There's also the application for improving the routing of field technicians as well as traffic flow in general. But, as every superhero knows, with great power comes great responsibility.

As with any technology, IoT standards need to be developed for effective and safe use as well as to enable interoperability. NIST has been working on defining standards and recently released Considerations for Managing Internet of Things (IoT) Cybersecurity and Privacy Risks, but no federal agency is currently claiming jurisdiction over IoT policy and rule-making. In this vacuum, the legislative branch is getting involved. This past November, the House passed the SMART IoT Act that tasks the Department of Commerce with studying the current U.S. IoT industry. A Senate bill was introduced to manage what types of IoT devices the government can purchase, ensuring that all IoT tech in government is patchable and has changeable passwords. Finally, states are even weighing in on the proper use of IoT in government. California passed the first IoT cybersecurity law, making device manufacturers ensure their devices have "reasonable" security features. Continue reading