State CIOs Survey: Key Technology Priorities and Security Trends for 2025

State CIOs Survey Reveals Critical Shifts in Government Technology Priorities for 2025

The National Association of State Chief Information Officers (NASCIO) has released its 16th annual State CIO Survey, highlighting significant changes in how state governments approach technology and security. The comprehensive study, titled "Leading Change Through Uncertain Times," gathered responses from 51 state and territory CIOs during summer 2025.

Artificial Intelligence Takes Center Stage

Generative AI has rapidly evolved from an experimental technology to a critical operational priority for state governments. As organizations navigate the complex relationship between CIOs and CISOs in technology leadership, the survey dedicates an entire section to GenAI implementation, emphasizing the need for robust security measures and data governance policies. State agencies must now grapple with challenges including data lineage tracking, preventing AI hallucinations, and controlling unauthorized AI use by government employees.

"Technology alone won't drive transformation; it's the trust and alignment you build across the organization that makes lasting change possible," noted one CIO participant, highlighting the human element in technological advancement.

Cloud Computing and Data Management Transform Security Landscape

The survey reveals a significant shift toward mature cloud implementations and sophisticated data governance frameworks. State governments are moving beyond basic cloud migration to tackle complex multi-cloud environments. Implementing effective cybersecurity governance frameworks requires:

• Enhanced identity and access management across platforms
• Consolidated security policy management
• Strict data sovereignty controls
• Modernization funding tied to security metrics

Collaborative Security Initiatives Take Center Stage

A key finding emphasizes the growing importance of state and local collaboration in cybersecurity. The survey highlights a pressing need for shared security services and standardized incident response protocols between state and local governments. As organizations focus on strengthening cybersecurity measures across government entities, this includes:

• State-operated Security Operations Centers
• Shared threat intelligence resources
• Standardized incident response playbooks
• Training programs for local government entities

"Get out there and meet people, within the organization, other agencies, other states, municipalities, vendor partners… relationships are the currency of our job," advised another survey participant.

According to the National Institute of Standards and Technology, implementing robust security frameworks remains crucial for government organizations adapting to evolving technological landscapes.

The findings come at a crucial time as SecureWorld prepares to host its Government and Education virtual conference on November 13, 2025, where attendees can earn up to 6 CPE credits.

As state governments continue their digital transformation journey, the survey serves as a vital roadmap for technology leaders navigating the complex intersection of innovation and security. The message is clear: success in government technology initiatives depends on proactive security measures and strong collaborative partnerships.