State of the States 2012: IT Priorities, Issues and Trends

National State Auditors Association IT Conference

Nashville, Tennessee

Doug Robinson, Executive DirectorNational Association of State Chief Information Officers

About NASCIO

National association representing state chief information officers and information technology executives from the states, territories and D.C.

NASCIO's mission is to foster government excellence through quality business practices, information management, and technology policy.

Founded in 1969 – we’re a legacy system

Fiscal recovery: budgets are better, slow revenue growth, federal spending will decline. Impact on state CIOs?

CIOs seeking IT operational cost savings and alternative IT sourcing strategies

CIO Balancing Act: living with the past while leading innovation

IT security and risk! Game has changed

IT workforce: retirement wave, skills gap, recruiting challenges

State CIO transition – major churn

State IT Landscape

Today

Revenue Remains Below Pre-Recession Levels($

in B

ILL

ION

S)

* FY 2007 – 2010 are actual, FY 2011 is preliminary actual and FY 2012 is enacted. Source: NASBO

FY 2007 FY 2008 FY 2009 FY 2010 FY 2011 FY 2012$560

$580

$600

$620

$640

$660

$680

$700

$655

$680

$626

$610

$649$659

General Fund Revenue: FY 2007-FY 2012

State Spending by Funding Source

General Funds37.7%

Federal Funds34.1%

Other State Funds25.8% Bonds

2.5%

Total State Expenditures By Funding Source, Estimated Fiscal 2011

Source: NASBO 2010 State Expenditure Report

General Fund Spending: FY 2007-FY 2012 (in billions)

Medicaid Continues to Drive General Fund Spending Growth

6

Data is based on comparative levels of enacted spending in FY 2011 and FY 2012Source: NASBO Fall 2011 Fiscal Survey of States

In B

illio

ns

K-12

Higher E

d

Public Asst

.

Medica

id

Correcti

ons

Transp

ortation

-$5.0

$0.0

$5.0

$10.0

$15.0

$20.0

$25.0

$1.3

-$3.2

-$0.1

$19.4

$0.6 $0.0

Changes in General Fund Spending by Category Between FY 2011 and FY 2012

Budget Cuts Made after the Budget Passed Fiscal 1990 to Fiscal 2012 (millions)

Source: NASBO Fiscal Survey of the States, June, 2012

States Only: Will your state IT budget grow or shrink and by how much?

13%

6%

25%

47%

9%a. Flat

b. Increase

c. Reduce by up to 10 percent

d. Reduce by up to 20 percent

e. What budget?1

State CIO Transitions 2011-12

AK

HI

WA

DC

OR

CA

MT

INIL

ID

NVUT

AZNM

TX

OK

WY

ND

SD

NE

COKS

LA

MO

AR

IA

MN

KY

TN

ALMS

FL

GA

SC

NC

VA

OH

ME

WV

PA

NYMI

WI

VT

NH

NJ

MA

CT

RI

MD

DE

New CIO (32)

Acting/Interim CIO

GU

AS

PR

January 2011 - September 1, 2012

View from the States:Priorities and Trends

Tracking State IT Trends Alternative sourcing/hosting:

moving to the cloud Multi-state collaboration:

sharing infrastructure, solutions, applications

Legacy modernization Cybersecurity threats Health care implementation Procurement reform

State CIO Priorities for 2012

1. Consolidation / Optimization: consolidating infrastructure and services, centralizing2. Budget and Cost Control: managing budget reduction, strategies for savings3. Governance: improving IT governance, authority, data governance, partnering, collaboration 4. Health Care: Affordable Care Act, health information and insurance exchanges, architecture,

partnering, implementation, technology solutions, Medicaid systems 5. Cloud Computing: governance, service management, service catalogs, platform, infrastructure,

security, privacy, data ownership, legal issues, vendor management 6. Security: risk assessment, governance, budget and resource requirements; security frameworks,

data protection, training and awareness, insider threats, third party security 7. Broadband and Connectivity: strengthening statewide connectivity, public safety wireless

network/interoperability, implementing BTOP grant 8. Shared Services: business models, sharing resources, services, infrastructure, independent of

organizational structure, service portfolio management 9. Portal: maturing state portal, e-government, single view of the customer/citizen, emphasis on

citizen interactive self-service, mobile apps, accessibility 10. Mobile Services/Mobility: devices, applications, workforce, security, policy issues, support,

ownership, communications, wireless infrastructure

Source: NASCIO State CIO Survey, October 2011

State CIO Priorities for 2012IT Applications and Tools

1. Virtualization: servers, desktop, storage, applications, data center 2. Legacy application modernization/renovation 3. Cloud computing: software as a service, infrastructure, platform, storage 4. Mobile workforce technologies 5. Networking: voice and data communications, unified 6. Enterprise Resource Planning (ERP) 7. Identity and access management: digital credentials, federation,

standards8. Business Intelligence (BI) and Business Analytics (BA) applications 9. Document/Content/Records/E-mail management: active, digital

archiving 10. Public Safety Radio Network

Source: NASCIO State CIO Survey, October 2011

IT Governance: what works?

Supporting a legacy

environment

IT procurement modernizatio

n

Recruit and retain IT staff

Information sharing/data exchanges

Lack of shared enterprise

vision for IT

Managing mobile

devices, BYOD

Inadequate funding and

budget constraints

Security threats and

risks

The CIO Pain Point Survey…

All of the above

Growing Maturity: IT Governance, Frameworks and Business Disciplines

Enterprise Architecture

Project and Portfolio Management, PMO

Service Level Management: itSFM, ITIL,

CoBITPerformance metrics,

measure

Business transformation, change management

Enterprise IT Governance

Today’s State IT Workforce: Under Pressure

State CIOs say 21 - 40 % of state IT employees eligible for retirement within the next five years

Fiscal stress - hiring freezes and elimination of vacant positions

Nearly two-thirds say they anticipate having to reduce IT staff

IT Security positions are the most difficult to recruit and retain

Source: NASCIO State IT Workforce: Under Pressure, January 2011

2011 State CIO Survey Highlights

Budgets continue to drive action

CIO roles are changing Consolidation has broad

appeal Health care cannot be ignored Mobility…on the move

Source: NASCIO-TechAmerica –Grant Thornton LLP 2011 State CIO Survey, October 2011

Cost savings is lead motivator for collaboration

Collaboration: Top Agenda Item

Source: NASCIO-TechAmerica–Grant Thornton LLP 2011 State CIO Survey, October 2011

IT Consolidation: A Key Strategy for Years To address budget issues and control operational costs Facilities: reducing data

centers, equipment, operational costs

Enterprise services: networks, email, telecommunications,

imaging, wireless

Server consolidation: reducing footprint,

operations, security impact, backup/recovery

Applications: enterprise, similar business functions

IT personnel and staffing

Status: Consolidation & Shared Services

Targets Considering Completed

1. Telecom 98% 65%

2. Email 98% 38%3. Data centers 98% 32%4. Security 94% 43%5. Backup/disaster recovery 92% 29%6. Servers 91% 21%7. Storage 90% 26%8. Content management 78% 25%9. Desktop support 73% 26%10. Business applications 71% 8%11. Staff 69% 23%12. Imaging 69% 17%

More than90% of CIOs say 7 of the top 12 key services are targets

Source: NASCIO-TechAmerica –Grant Thornton LLP 2011 State CIO Survey, October 2011

52%

33%

Challenges to IT Consolidation

Source: NASCIO-TechAmerica –Grant Thornton LLP 2011 State CIO Survey, October 2011

CIOs' opinions on challenges to IT consolidations

Governance issues 51%Obtaining up-front capital to fund consolidation 45%Establishing baseline measurements for comparison to understand how effective the consolidation was 43%

Making a business case for consolidation & measuring subsequent results & savings 41%

Redesigning/re-engineering business processes 25%Insufficient in-house IT experience to manage the process 24%Reaching agreement on fee structures 22%

Moving to the cloud continues…slowly

Change in cloud status 2010-2011

State Status 2010 2011

Highly invested 5% 14%

Some applications 34% 35%

Still investigating 54% 47%

None/other 8% 4%

Source: NASCIO-TechAmerica –Grant Thornton LLP 2011 State CIO Survey, October 2011

15%

56%19%

What is the primary reason for adoption of cloud services?

7%

18%

2%

2%

47%

24%

0% a. Software updatesb. Scalability on-demandc. Increase business agility/quicker service

deliveryd. Risk mitigatione. Storage capacityf. Reduced IT staffing and administration costg. Not using and do not intend to use cloud

Business objectives

Governance

Acquisition strategy

Jurisdictional issues

Security and privacy

concerns

Policy and legal issues

Exit strategy

Key Considerations: Cloud Adoption

Apply existing security

framework and policiesConsumer

cloud vs. industrial strengthTest drive: start

with private cloud3rd party

contracts – protect state

interestsEnable legitimate

business useMonitor & control

unauthorized use

Leverage FedRAMP

Reducing Risk: Cloud Security Guidance

State Governments at Risk! Critical infrastructure protection risk More aggressive threats – organized crime,

unorganized crime, hacktivism Spam, phishing, hacking, and network

probes up Data breaches – loss of citizen trust! Lack of broad executive support Inadequate funding Need more training, awareness Complying with federal regulations and guidance – lack of harmonization

What are your State’s top five IT security initiatives?

1. Data Protection

2. Information Security Risk Assessments

3. Information Security Training and Awareness

4. Application Security

5. Information Security Measurement and Reporting

Growing IT Security Risks in the States

Protecting legacy systems

Expansion of wireless

networks

Online payment transactions

Mobile devices and services

Use of social media

platforms

Use of personally-owned devices (BYOD) for state

business

Adoption of cloud services;

rouge cloud users

Inadequate policy

compliance

Third-party contractors and

managed services

NASCIO Cybersecurity Call to ActionKey Questions for State Leaders

Have you created a culture of information security in your state government?

Have you adopted a cybersecurity framework, based on national standards and guidelines?

Have you acquired continuous vulnerability management capabilities?

Have you documented the effectiveness of your cybersecurity with metrics and testing?

Have you developed security awareness training for workers and contractors?

Source: NASCIO Cybersecurity Call to Action, February 2011

Mobile Agenda: Trends and Issues

By the Numbers: Mobile Explosion in the U.S.

Wireless Subscriber Subscriptions…………………323 M Wireless Only Households………………………………..32% Data Traffic on Wireless Up…………………………….111% Data Capable Mobile Devices……………………….278 M Smartphone Users………………………………………..100 M Mobile Text Messages………………………..........193.1 B Average Local Monthly Bill…………………………..$47.00 Tablet Penetration – Adults………………………………11%

Sources: CITA, FCC, TIA, Pew Research 2012

19

By 2015 mobile application development projects targeting smartphones and tablets will outnumber native PC projects by a ratio of 4-to-1.

Mobile app downloads are forecast to soar from 10.7 billion in 2010 to 182.7 billion in 2015

1 billion smartphones will be sold in 2014 – about double the number of PCs it expects will be sold that year.

Worldwide media tablet sales to end users are forecast to total 118.9 million units in 2012, a 98 percent increase from 2011 sales of 60 million units.

Sources: Forrester, Gartner, IDC

20

Not a priority; 2% Low; 6%

Medium; 33%

High; 31%

Essential; 27%

Mobility = CIO Strategic Priority

Source: NASCIO-TechAmerica –Grant Thornton LLP 2011 State CIO Survey, October 2011

CIOs readiness to deploy & support mobile devices & apps

CIOs opinion of their states' level of engagement with citizen-facing apps

Unprepare

d

Neutra

l

Ready

0%

5%

10%

15%

20%

25%

30%

35%

40%

22%

39%37%

Source: NASCIO-TechAmerica–Grant Thornton LLP 2011 State CIO Survey, October 2011

Enterprise direction: strategic

or ad hoc? Policy?

Standards?

Managing mobile

devices? BYOD?

Security and privacy

Managing business and end-

user expectation

Lack of technical expertise:

architecture and apps

State Views: Common Themes on Mobile

ArchitectureNative apps,

web or both?

Legal Issues? Terms of

Service from apps

stores?

Looking Ahead

More IT consolidation, shared services Outsourcing: more steering, less rowing IT implications of healthcare reform Demand for performance, results Extending the enterprise: locals? Massive collaboration - Web 2.0

Continuing pressure for operational efficiency

More IT consolidation, shared services, cloud, collaboration

Risks continue…cyber threats Extending shared services: locals Public Safety Broadband Network Social media integration Continuity of CIO leadership?

Looking Ahead…What to Watch

Connect with...

youtube.com/nasciomedia

linkedin.com

facebook.com

twitter.com/nascio

nascio.org

Questions?