Top officials from the National Association of State Chief Information Officers (NASCIO) and the Public Technology Institute (PTI) forecast the big trends in state and local government (SLG) technology for 2023 at a Jan. 19 NASCIO event, with workforce demands and the status of Federally-funded cybersecurity grants high on the agenda.

They were joined by over 500 IT-minded SLG officials and vendor community representatives in this virtual event now in its 12th year.

NASCIO Outlook

NASCIO Executive Director Doug Robinson kicked off his group’s findings from polling its members on bigger trends for 2023.

“I’m going to take you through a quick journey of what’s going on in state IT, and of course I’m going to start with, most importantly, the State CIO top 10,” he said. The survey exercise is something that NASCIO has been doing since 2006 through a ballot among the State CIOs.

“Results are released late in the calendar year and in this Top 10 for 2023, and you’ll see some you’re familiar with,” he said. “This is probably our most important one-page message to the to the marketplace, public sector, or private sector colleagues and partners.”

Not surprisingly, cybersecurity and risk management are number one on the priority list for state CIOs for the 10th consecutive year. Digital services – once again – was number two on the list.

Somewhat surprisingly, workforce issues move up dramatically to the number three slot.

“2023 is the year of the workforce,” Robinson declared, saying “there will continue to be a focus particularly acute in the IT space.”

Rescaling and retraining are going to be critical because states are finding it increasingly problematic to hire new candidates into those positions, he explained. “A number of states have reported 50 to 60 percent reductions in the actual candidate pools for their for state IT positions across the board.”

Cloud services remain on the top ten list, along with and consolidation/optimization.

“I think both represent the maturity, the movement, and the adoption going on across the state CIO IT community,” Robinson said.

Falling down the list a bit for 2023 were broadband and wireless. However, this point deserves an explanation – particularly with $65 billion Federal dollars streaming down to states through various programs, it’s playing with house money.

The Federal funding and broadband expansion – particularly covering rural areas – along with digital divide issues, and digital equity are major topics with the state CIOs, not to mention elected officials.

Cyber, resiliency, and cooperating with local governments, with higher education, with utilities, and with health care, all are priorities on the 2023 top ten list.

Fed Funding Flows

Robinson was joined by Alan Shark, CompTIA Vice President Public Sector Engagement and Executive Director of the Public Technology Institute, to talk about initial outcomes – and possible lessons learned – from some of the Federal grant programs for cyber, broadband and infrastructure investment. They also turned their focus to explore the strategic opportunities and operational priorities for state and local IT in 2023.

On the Federal front, the Department of Homeland Security is implementing the State and Local Cybersecurity Grant Program (SLCGP) through its Cybersecurity and Infrastructure Security Agency (CISA) and Federal Emergency Management Agency (FEMA) components. The program totals $1 billion over four years.

“We are in year one of that, which is $200 million to be distributed to the states and locals. The notice of funding opportunity came out in September. Applications from the States were due mid-November,” Robinson said.

Those applications are in and the states are now forming and organizing. As part of that process, they will have to submit a plan, and about ten states have done so thus far.

“Then we’ll be prepared to provide 80 percent of those funds that each state gets to local governments in one way or another, and some of that may be through enterprise shared services rather than direct grants to the locals,” Robinson said.

The Local View

Speaking of locals, it’s a good time to hear from PTI’s Shark. His organization’s mission has been to assist the cities, counties and townships in the U.S. for over 50 years. “We do two studies a year. One is our State and County IT National survey and the other is our cyber survey,” he said.

With this much ground to cover it was interesting to hear how the challenges facing the two member organizations were so much alike. “I think what always amazes me is the fact that the issues that Doug has identified, and the issues that we’ve identified really aligned, and numbers four through seven are
very much similar,” on the groups’ top-ten lists. Shark said. “So, I’ve tried my best with staff help and many members of our executive committee, to look at our digital crystal ball and look ahead.”

A full listing of PTI’s Top City/County tech priorities and predictions are here.

Within the Top City/County CIO technology priorities for the next 2 years, between NASCIO and PTI, cybersecurity is number one again. “I suspect it’ll be number one for years and years to come, but all the years we’ve been doing the survey it’s always number one,” Shark said.

So many of these issues are associated with modernizing outdated IT systems, and many of those were exposed during the pandemic. There also seems to be a renewed interest in innovation, or as Shark said, “What it means to do things differently. Look at process improvement, number four – it was launching or
updating digital services for citizens, again, hastened by the experience of the pandemic, and then
migrating systems applications to the cloud.

All of those, he said, “are related, one way or the other, to cyber.”

As the program finalized with a Q&A session, the 500-pound gorilla made an appearance with a quite popular question from the audience – when would these Federal cyber monies actually be available?

It is indeed a process, Shark explained. CISA has to review and approve the plans that have been submitted. A number of states have already submitted their plans, so once they’re approved, then they’ll be a cycle of disbursement for each of those states.

Then each State Administrative Agency (SAA) for each group which is not the client organization, and is not the CIO or State CISO, will be responsible for making the determination.

“The SAA will be the one that determines how that process works,” Shark said. “In fact, the states may determine that they are going to use funds to deliver enterprise, shared services in lieu of doing discrete grants” – a development not exactly being met with great enthusiasm by local governments, he said.

States are really working to figure out their best process and procedures. Some states have determined that they are simply going to have an application process for the locals to apply for those dollars. Other states have said, ‘No, we’re actually going to look at these opportunities to deliver things.’ For example, the state may already have a cybersecurity training platform, and decide to make that available to local governments.

“So, we’re months away from real dollars,” explained Shark, speaking as one being on the streets for the local governments in terms of their sub-recipient status. It still will be determined by each state. “Some may approach it differently, but I think for the most part, I see a hybrid for a lot of states where they will do a mix of things,” he said.

“This is not a national policy position, but my commentary is that the states and the locals really need to focus on assessing their environment before they start buying all these bright shiny objects,” Shark said. He voiced some concern about this grant, and that for the locals, there needs to be an assessment program to determine the risk, rather than simply having locals buy technology.

“I’m an optimist, I think the locals could do a very good job; they had a year to plan,” he said. “We’ve been telling them to plan ahead. What is your wish list, then rationalize why, and then prioritize.”

“Shame on any local government that didn’t take advantage of that year.” Shark warned. “Now we’re going to see how this all shakes out and it’s going to be very interesting.”

Read More About
About
Kate Polit
Kate Polit
Kate Polit is MeriTalk SLG's Assistant Copy & Production Editor, covering Cybersecurity, Education, Homeland Security, Veterans Affairs
Tags