Digital equity and inclusion were two of the main operating principles for top states in this year’s Digital States Survey from the Center for Digital Government.* A record nine states received A grades in 2024, pushing the envelope of what is possible in the public sector while continuing to provide the essential services that constituents need and expect.
From adopting single sign-on to ease residents’ access to state digital services to launching agencies to champion digital literacy, standout states elevated citizen digital engagement while enhancing security and more deeply moving into the brave new world of AI.
CALIFORNIA
To bring more people into the digital world, California launched its Middle-Mile Broadband Initiative (MMBI), which includes a goal of laying down over 8,000 miles of broadband infrastructure.
“We are already ahead of schedule, with more than 1,600 miles of broadband fiber laid down, connecting some of the state’s most underserved communities,” said Liana Bailey-Crimmins, chief information officer and director of the California Department of Technology, via email. “With a goal to build over 8,000 miles of broadband infrastructure, the MMBI is helping close the digital divide by using joint builds, lease agreements, and existing projects to cut costs and reduce construction time.”
California is also exploring generative AI (GenAI) to transform public services and resident engagement. The California GenAI Initiative, launched by Gov. Gavin Newsom, seeks to leverage AI throughout state government including areas such as in education, health care and public safety.
“We are testing and refining GenAI applications through a series of proofs of concept in real-world settings,” Bailey-Crimmins said. “Using secure sandboxes, we can experiment with these technologies in a controlled environment, allowing for innovation while ensuring compliance with ethical standards and safeguarding resident privacy. These sandboxes give us the chance to gather feedback from users, improve designs and ensure GenAI solutions are truly effective before we implement them.
As part of its AI initiative, the state established a GenAI website to serve as a one-stop shop for all things AI. The site provides updates, educational resources and guidelines on responsible AI use that protects privacy. Visitors can explore case studies, learn about sandboxes and access policy documents that outline the state’s commitment to ethical AI development. The site also offers GenAI procurement tools and tools for government employees, including training modules, best practices and FAQs to help them integrate AI into their day-to-day operations.
“We are also collaborating with technology vendors, universities and community organizations to ensure GenAI applications meet the evolving needs of all Californians,” explains Bailey-Crimmins. “This partnership approach is critical to developing AI solutions that benefit everyone, especially our underserved communities and residents.”
California has also secured a $70.2 million Digital Equity Capacity Grant from the National Telecommunications and Information Administration to help implement a State Digital Equity Plan. The funding will go toward digital literacy programs, workforce development and device distribution in un- and underserved communities.
GEORGIA
In 2023, Georgia launched its official design system initiative called Orchard. With a more recognizable design of web pages, the state is seeking to ensure a consistent user experience across the 100-plus websites and applications on the georgia.gov platform.
“When Georgians go online for state government information or transactions, they should be confident that they are visiting a legitimate site, and they should see continuity from one state website to another,” CIO and Georgia Technology Authority (GTA) Executive Director Shawnzia Thomas wrote in an email to Government Technology.
“More than a style guide or a set of templates, the system promotes web accessibility and consistency,” she continued. “With its reusable components and clear standards, Orchard meets accessibility requirements … ensuring that all citizens, including those with disabilities, can access and benefit from state services."
The system supports more than 900 content managers across state agencies and aims to build credibility for the government as well as trust among residents.
“As our Chief Digital and AI Officer Nikhil Deshpande likes to say," Thomas added, “'Do the right thing, and do the thing right.'”
Thomas stressed that the state’s key achievements in the digital space over the past two years have focused on barriers.
“One effort seeks to remove barriers between constituents and the state government services and information they’re looking for, while another project aims to add barriers to protect state networks and data from cyber threats,” she said.
Recent work to bolster cybersecurity is part of that barrier adding.
“GTA provides cybersecurity support to state agencies, from the development of statewide policies to security awareness training for all state staff and specialized training for security professionals,” Thomas explained. “State Chief Information Security Officer Steve Hodges and GTA’s Office of Information Security assist with assessments and security incident investigations and support the state’s cloud-first initiative and artificial intelligence program.”
Agencies in the state’s shared IT services program have long had access to managed security services and essential tools such as endpoint detection and response, security event information management and vulnerability management.
“But we wanted to do more,” Thomas said. “We have championed expanding the state’s cyber footprint and extending resources to every executive branch agency. With support from Gov. Brian Kemp and the state legislature, GTA received an additional $15 million in FY 2025 for cybersecurity services, and we are launching the extension of agency services this year. Plans for further expansion — to schools (K-12) as well as counties and municipalities — are taking shape.”
Thomas said Georgia also is off to a “strong start” with artificial intelligence.
In 2023 the state established an AI advisory council to drive ethical use of the technology across the enterprise and created a state policy for its responsible use. Later this year Georgia is launching an AI innovation lab and will offer training for state employees, as well as hosting a second annual statewide AI conference in December.
"We’re excited about the momentum we’re building and the support we are providing to state agencies in using AI to better serve Georgians," Thomas said.
MICHIGAN
CIO Laura Clark said Michigan has “embraced a human-centric approach to modernization.”
“Building trust with our customers, ensuring accessibility and creating a more unified digital experience are our top priorities,” she said in an email to GT. “When citizens interact with us, our goal is to make their transition from one platform to another, and from one agency to another, as seamless and easy as possible.”
As part of this effort, Michigan adopted a single sign-on system for users to more easily access services. Called MiLogin, the platform allows nearly 9 million residents to securely access services like unemployment insurance, DMV and Medicaid with a single credential.
As part of its human-centered approach to digital services, Michigan worked with its public safety agencies to develop a program called Set Aside, which removes qualifying criminal convictions from an individual’s publicly available criminal history record. The program is part of Michigan’s “Clean Slate” legislative package which allows individuals to set aside some past convictions.
“The resulting impact would help people with qualifying prior convictions overcome potential barriers to employment, housing and other opportunities that may arise due to their criminal history,” Clark explained. “This change was accomplished through automation, which helped us achieve two important goals. First, the application burden was removed from qualifying individuals. Second, automation eliminated the need for our partners at the Michigan State Police (MSP) to manually process and evaluate each application under the identified criteria. This freed up time to allow MSP partners to focus on other urgent items.”
Michigan also is working to build the next generation of technology professionals.
“Last year, we hosted our first-ever Michigan High School Cyber Summit to help high school students explore the exciting career opportunities available to them in cybersecurity,” Clark said. “We were able to bring together more than 400 students from across Michigan to learn about the latest trends and in-demand career options."
Clark added that the achievements she cites are due to the “incredibly talented team of dedicated public servants who strive to help connect those we serve with the information, resources and services they need.”
MINNESOTA
Minnesota’s state Legislature gave a big assist to the state’s IT team with a $40 million appropriation to the state Technology Modernization Fund. The state has used the money to greatly increase the use of drones for bridge inspections and to increase the number of services residents can sign up for online — including free lunch programs.
The Technology Modernization Fund has to date funded 17 projects that have upgraded aging systems, strengthened data security, improved processes and created efficiencies leading to cost and resource savings. The upgrades include advancements in data management and technology within key programs such as the Women, Infants and Children (WIC) nutrition program, COVID-19 Pandemic Electronic Benefit Transfer (P-EBT) program, Direct Certification and Minnesota Free School Meals.
“Leveraging these tools, Minnesota has expanded access to essential food programs, streamlined resources for vulnerable populations, and strengthened the health and well-being of families statewide,” said CIO Tarek Tomes. “These data-driven initiatives align closely with our administration’s priorities and reinforce our commitment to becoming a national leader in family support, ensuring food security at a time when over 390,000 Minnesotans, including more than 120,000 children, face hunger.”
Tomes says his state is “embracing emerging technology to solve real-world challenges” and its expanding use of drones is a case in point.
“In 2015, MnDOT (Minnesota Department of Transportation) initiated a multiphase project to explore the use of drones for bridge inspections. By 2021, the results were clear — drones reduced costs, improved data quality, enhanced safety for both inspectors and motorists, and minimized traffic disruptions,” Tomes explained. “This research led to the acquisition of 33 drones and the development of advanced 3D models for bridge management. MnDOT continues to refine these capabilities, driving greater efficiency and improving public safety.”
The use of the drones is a cost-saver and a safety enhancer, he said.
“Minnesota has over 13,000 bridges that require regular inspections to ensure safety, as mandated by federal law. Traditional inspection methods are costly, time-consuming and pose safety risks. MnDOT research shows that drones can help reduce inspection costs compared to traditional methods, while providing comprehensive reports with detailed photos, videos and 3D models.”
Tomes views technology as a tool for “positive transformation.”
“Our strategic goals include developing innovative products, promoting diversity and inclusion, ensuring fiscal responsibility, protecting the environment, and investing in employee growth,” he said. “Through a people-centered approach, our teams have found ways to navigate technological challenges and drive state government transformation.”
NORTH CAROLINA
North Carolina has made its commitment to digital equity clear with its establishment of the Office of Digital Equity and Literacy.
“North Carolina continues to be a leader in advancing digital literacy and inclusion, as we are not only working to connect all North Carolinians to affordable, reliable high-speed Internet, but also seeking to ensure that they have the skills and devices needed to safely participate in today’s digital world,” said North Carolina Secretary of Information Technology and CIO James Weaver.
In addition to launching the digital equity office, North Carolina has developed a five-year digital equity plan that incorporates public feedback from more than 7,000 respondents who answered questions in the state’s first Digital Equity Survey that sought to assess citizens’ needs and barriers to access.
“In addition, we are partnering with N.C. State University and N.C. Central University on an Asset Inventory Survey to learn about organizations, businesses and programs that support Internet affordability, access to computers and digital devices, digital skills and literacy, tech support, and free Wi-Fi, so we can publicly publish these assets and identify gaps that need to be addressed,” Weaver explained. “We are planning to launch a new website in October that will include more than 1,100 resources available to help North Carolinians get online, access free public Wi-Fi, acquire digital devices and connect to digital literacy training.”
As part of its digital equity initiative, North Carolina is investing hugely in expanding broadband, putting nearly $1 billion in federal American Rescue Plan Act (ARPA) funds toward deploying broadband infrastructure in unserved and underserved areas of the state, as well as support access to devices and digital literacy and skills training, Weaver said.
“To date, the division has awarded more than $500 million in ARPA funding, including money for projects that will connect more than 189,000 homes and businesses across the state to high-speed Internet and $44 million in funding for three rounds of digital equity grants awarded to 75 grantees to help North Carolinians afford high-speed Internet, obtain digital devices and access digital literacy courses,” he says. “Our state is also set to receive an additional $1.53 billion in funding to support further broadband expansion and digital equity efforts through the federal Broadband Equity, Access and Deployment program.”
Weaver said the state also addressed affordability by promoting the Federal Communications Commission’s Affordable Connectivity Program, which gave low-income households a $30 monthly discount on Internet services before it ended in spring 2024 due to lack of continued federal funds. More than 900,000 households signed up for the program.
An overhaul of the nc.gov website aims to be a single point of access for all state services. It has seen more than 7 million views since July 2023, and a new governance tool helps web managers improve site accessibility and quality.
The Department of Information Technology published a Digital Accessibility and Usability Standard in April of this year. The standard “provides guidance for state agencies in designing and delivering websites and digital services, outlines statutory requirements, clarifies mandates and expands on best practices for the state's digital assets,” Weaver explained.
“We have also created the statewide N.C. Digital Accessibility Community of Practice (A11y CoP), open to web developers, communications staff and other professionals of all experiences with an interest in digital accessibility,” Weaver added. “Since launching in January 2024, 210 team members from many different state agencies, academia and private organizations have joined A11y CoP.”
OHIO
In the state of Ohio, a simplified experience for interacting with state government is a key priority — and artificial intelligence is playing a role in making that a reality.
CIOKatrina Flory underlined the value of state leadership’s focus on “using technology to provide better experiences for Ohioans across the board.”
Ohio released an AI policy in December 2023, at which point Flory said AI was already actively in use in the state. As such, the state created a policy that safeguarded data while still allowing for innovation.
“Everything starts with the data,” Flory said. She even noted that a data literacy training program exists within the state to advance data governance.
The state also has an AI council that meets monthly. This council reviews and approves agency use cases of GenAI and provides oversight. Now, the state is working with InnovateUS to roll out AI training to all state employees that includes Ohio’s AI policy.
In the meantime, the technology is already in use. For example, AI-powered chatbots help Ohioans more easily navigate state services. The Ohio Assistant Chatbot was launched in July 2023, built collaboratively with state agencies; in the first year of operation, there were about 15,000 user sessions. In addition, two other chatbots, Carey and EVA, enhance services for the Ohio Benefits Program.
Part of Ohio’s strategy to better serve customers involves capacity building for state agencies. One clear example is the Ohio Digital Academy, which aims to fill existing gaps in the IT workforce. Through this program, students become “analysts” in a three-year position with a state agency; the goal is that at the end of the program, they will either get a permanent job with the state or an Ohio-based company. The focus for this program started in cybersecurity but has expanded to include other IT areas like network services. The next cohort will be announced in January.
In another capacity-building move, Ohio has established information security officers that are part of the Office of Information Technology team but provide support at the agency level. The state worked with 27 agencies to conduct a risk maturity assessment and improve security posture.
In a similar vein, the state is moving forward with its Cloud Center of Excellence project, building agencies’ modernization ability through assessment and support. The goal is to teach agencies how to modernize in the cloud and equip them with the skills needed to repeat the process.
The state also recently launched OhioBuys, an online purchasing solution to help simplify the purchasing process for both government buyers and suppliers. As Flory detailed, the platform provides more transparency into the purchasing process to simplify it for all parties.
Now, the state is focusing on continually improving the digital experience, part of which involves the future of digital identification verification with OHID.
“All of those initiatives make things easier for our citizens to do business with us,” Flory said.
TEXAS
Texas is taking a whole-of-state approach to IT, and CIO Amanda Crawford credits the state’s leadership and the team at the Department of Information Resources (DIR) for valuing technology’s role in government business.
A strong example of this whole-of-state approach is Texas’ cybersecurity strategy, Crawford explained: “Cybersecurity is, and always will be, a team sport.”
This means that Texas has cybersecurity information, tools and programs in place to support all parts of the team at both the state and local levels. This top-down policy includes leadership in the governor’s office and Legislature to ultimately impact Texans individually. Through this approach, Regional Security Operations Centers (RSOCs) established in 2021 allow DIR to partner with education institutions to provide cybersecurity resources to smaller government entities — including local governments, K-12 school districts and special purpose districts — helping them build their capacity. RSOCs support these organizations with both financial assistance and hands-on education and outreach. The RSOCs also employ student analysts to expand the state’s pipeline of cybersecurity workers. DIR has requested funding for four additional RSOCs, which would bring the state total to seven.
“Overall, all of these tools that are coming from DIR … provide vital tools for all levels of government,” Crawford said.
DIR is focusing on operational continuity, yet still embraces innovation. For example, the AI Advisory Council began meeting this year, tasked with providing an understanding of how Texas agencies are using AI. Agencies had to submit an inventory of automated decision systems (ADS) in use by July 1; of the 105 surveyed agencies, only 36 said they are not currently using any ADS. This collaborative approach on AI keeps agencies aligned on policy and provides transparency. Next, the council will submit a report to the Legislature by Dec. 1, which will ultimately inform future AI policy.
The whole-of-state approach can also be seen through the Texas Data Literacy Program, which offers best practices for data management. The goal is to support a range of public institutions in the state as they establish data governance programs to improve service delivery. And while it is offered through DIR’s learning management system, other agencies can integrate it into their own systems. In fact, any individual can access the program’s content on YouTube through a self-paced learning program. The program provides information for data practitioners, agency and business leaders, and the public. The state is continually building out modules for the program and is now exploring the creation of a similar AI literacy effort.
“At the end of the day, the public expects state leaders to make decisions based on data,” Crawford said. And as the push for more AI continues, she expects an increased focus on and understanding of data quality at a foundational level throughout state government to follow.
UTAH
From artificial intelligence to cybersecurity to digital IDs, Utah takes a forward-looking approach to IT.
While the use and governance of AI have drastically increased in the public sector in the past couple of years, Utah was an early adopter of the technology. In 2018, the state created a Center of Excellence in AI. By 2023, an enterprise GenAI policy was in place. In 2024, the state launched an Office of AI Policy.
“AI as a technology is not new,” said CIO Alan Fuller, who then specified what is new: GenAI, Utah’s current focus. Through hiring additional staff, including a director of artificial intelligence, and the launch of various pilot programs, Utah is exploring how its workforce can achieve increased efficiencies in service delivery. But the state is taking a scientific approach, starting with internal-facing tools before launching something public-facing to mitigate risk.
And Utah is focused on best serving its citizens, as illustrated through the statewide customer experience program. Fuller noted that the governor himself initiated this program to help each agency focus on better serving customers in a data-informed way that relies on customer feedback to improve services.
“By tying it directly into the governor's office, we have very strong business-side support for the project,” he said, adding that 100 percent of state agencies are participating and the state is receiving an average of 11,000 customer responses per month.
Utah has also been a leader in digital identity, which has become increasingly important due to an increase in fraud.
“I feel like we as a society desperately need [verifiable digital credentials], and they will make a huge impact,” Fuller said, citing cybersecurity risk mitigation and a potential for improved efficiency in service delivery. Utah has started with a low-assurance digital credential for off-highway vehicle training certificates. Within three months, 40,000 people adopted it. “It’s a very convenient way to do business.”
Digital ID is only one component of the state’s cybersecurity strategy. Another leverages federal grant funding for a program in which the state offers risk analysis and cybersecurity support to local governments.
“The impetus for the program is that many of our smaller cities and counties are just not well prepared for the cybersecurity attacks that are coming their way,” Fuller explained. At this point, Utah has more than 100 entities involved and has provided cybersecurity training to over 29,000 people and offered front-end protection to over 20,000.
Utah officials continue looking ahead through efforts to modernize digital government, including the state’s citizen portal, which in 2025 will provide personalized citizen services across agencies. The state is also upgrading its HR and payroll system, aiming to go live in January 2026.
Last year, Utah retired its mainframe entirely, which had been in the state for 66 years. “That’s a sign that we’re focused on this effort to streamline and modernize our systems,” Fuller said.
VIRGINIA
Virginia has vastly modernized its digital infrastructure and applications in recent years.
“We redesigned and expanded our network by deploying software-defined wide area network technology and increased network capacity by 1,500 percent statewide,” explained CIO Robert Osmond via email. “We identified an agency application best practice in permit transparency and scaled it into a statewide solution for over a hundred different permit types.”
He said that improving the network improved agency efficiency statewide.
“For example, at the Virginia Department of Motor Vehicles, we used to have daily network outages that affected customer services,” Osmond said. “Today, we almost never have outages, and the faster application performance has helped shorten customer transaction times. At the Department of Environmental Quality, improved permit monitoring and visibility has led to a 70 percent reduction in permit processing times.”
In addition to redesigning and expanding its software-defined wide area network, Osmond cited the state’s cybersecurity improvements as a critical milestone reached over the past two years.
“We have extended our zero-trust initiative by improving core processes such as identity and access management, vulnerability management, orchestration and automation, asset management, and micro-segmentation,” he explained.
The Virginia IT Agency (VITA) also reorganized its agency structure to benefit the executive branch’s business priorities in an effort called “Smart Growth.” Two years ago, VITA’s executive team consisted of three chiefs: chief of administration, chief operating officer and chief information security officer. In an effort to “align, balance and focus the organization to VITA’s mission/vision to be a customer-focused partner,” the executive team expanded to include a chief financial officer, a new chief of enterprise solutions and a chief customer experience officer, one of the first such roles in the nation, the state reports. The new CXO is charged with building strong relationships with customers and gauging customer satisfaction.
In an effort to foster collaboration among state agencies and promote effective governance, VITA recently established a Power Platform Community of Practice (CoP). Using Microsoft Teams as its central hub, VITA has created dedicated channels for each agency to engage directly with VITA and each other. VITA facilitates monthly CoP meetings to share information, discuss best practices and spotlight platform-related initiatives at individual agencies. The CoP has rapidly expanded, boasting a membership of over 1,300 since its inception with just 50 initial participants.
*The Center for Digital Government is part of e.Republic, Government Technology’s parent company.
A STATES
California
CIO: Liana Bailey-Crimmins
California is home to a staggering 39 million people, and the demands on critical IT services — as well as for equity, connectivity and security — have never been more pressing. As concerns and opportunities around artificial intelligence swirl nationally, the state has taken an aggressive leadership role in the space, setting thoughtful policy and cautiously integrating the emerging technology. In November 2023, Gov. Gavin Newsom signed an executive order directing agencies to evaluate the risks and use cases of generative AI and setting the stage for a small fleet of pilot projects focused on prominent operational challenges.
When it comes to equality of connection, the state has also been a champion for the un- and underserved. The state’s Middle Mile Broadband Initiative seeks to lay more than 8,000 miles of fiber-optic cable, which will — and already has in some areas — set the stage for Internet service providers of all sizes to create new, more competitive service options. The state outlined its commitment to digital equity in its State Digital Equity Plan, which highlights strategies to enable essential digital services.
California has also had to take an aggressive approach to its cyber defenses. Its Security Operations Center as a Service protects more than 119,000 critical IT assets and 92,000 user accounts. In a similar vein, the innovative Vulnerability Disclosure Program invites external security researchers to identify and report security vulnerabilities in government systems. The program has already mapped more than 1,600 vulnerabilities.
Georgia
CIO: Shawnzia Thomas
Georgia provides a lesson in how to advance with technology while also making sure to fill in digital gaps so as few people as possible are left behind.
One example involves artificial intelligence, which pretty much every public agency is trying to figure out. In this case, that means the appointment of a chief AI officer by the Georgia Technology Authority, the publication of a state policy for for the emerging tech and the crafting of standards around generative AI. Georgia also hosted a statewide AI summit — a reflection of a growing trend that has local and state leaders throughout the country trying to educate themselves on AI.
As Georgia officials look toward the future, they are also working to make sure residents are not stuck in the past. Working on the theory that high-speed broadband is an essential for homes, businesses, schools and even public safety, tech leaders in Georgia have reduced the number of addresses without it by more than half, according to state estimates.
Streamlining digital activities is another example of Georgia’s technology leadership. They recently launched Orchard, the state’s official web design program, bringing what tech officials call a consistent user experience for more than 100 state-affiliated sites and apps. Orchard also helps the state meet accessibility requirements, a growing need as government services become ever more digital and mobile.
Michigan
CIO: Laura Clark
Michigan remains at the top of the pack, getting another A grade this year and maintaining its focus on cybersecurity and human-centered design.
The state continues to advance its cyber practices, including revising policies to align with updated NIST standards and working toward implementing a DevSecOps framework. State and Local Cybersecurity Grant Program funds have supported joint exercises, information sharing and other collaborations across state, local and tribal organizations. External-facing cyber initiatives include maintaining an online resource where residents can find advice on staying safe online and launching both a Cyber Day and a Cyber Summit for high school students. The first event helps students learn more about the field and the latter connects them with cyber-related higher education and career paths. The state also updated its MiLogin identity access management and single sign-on service to allow FIDO passkey-based authentication in place of passwords.
MiLogin got other updates too, including a user experience refresh based on resident feedback that led to a significant drop in user registration abandonment rates. The state also uses an enterprise design system to help ensure state websites and applications follow similar designs, so residents can navigate them easily.
Michigan’s innovation team reviews and prototypes emerging tech, and the state has taken a careful approach to AI, starting with research and some pilots and proofs of concepts. And to ensure it’s investing wisely in IT projects, the state now tracks projects for five years following their completion, to see what financial benefits they deliver.
On the resident safety front, a portal helps domestic violence and human trafficking survivors more easily keep their home addresses confidential. Additionally, a new process automatically removes certain qualifying convictions from residents’ publicly available criminal records, which otherwise can be an obstacle to getting housing and jobs. Plus, following discoveries of racial disparities in traffic stops, state police have taken steps to better monitor their own behavior, including adopting body-worn cameras and launching an internal data dashboard tracking traffic stop data.
Minnesota
CIO: Tarek Tomes
In 2023, the Minnesota Legislature approved more than $500 million for digital government, cybersecurity and system modernization — a record-setting investment powering significant modernization efforts across state agencies. Since then, some 80 project proposals to modernize, secure and improve the customer experience of state-government-level technology systems have been received by the Modernization Steering Team, with 28 proposals approved for advancement.
A significant element of this work is Gov. Tim Walz’ One Minnesota Plan, which aims to add 40 new or improved digital self-service applications by 2027.
At the agency level, the Minnesota Department of Health has used data from Medicaid and other benefits programs to identify eligible individuals for other programs like Women, Infants and Children (WIC). The state used text messages to reach eligible recipients, rather than traditional mail, leading to a 3.6 percent increase in applications. DHS also partnered with Code for America to develop MNBenefits, a “human-centered benefits application” which combines cash, food and health-care assistance applications in a single, streamlined process.
The Department of Corrections has been awarded $54 million for a four-year tech modernization, with improvements planned for areas like sentence administration systems and records management. Other system modernization projects are taking place in agencies like the Department of Children, Youth and Families.
Modern productivity tools are making an impact across the state organization in Minnesota. Microsoft’s Power Apps and Power Automate are enabling state workers to address business needs using no-code or low-code tools. Thousands of Power Apps and Automate flows have been created across 21 agencies. In another example of more efficient management, all state agencies have adopted a common project management tool to help prioritize tasks and improve processes and workflows. Nearly 1,200 projects and initiatives are tracked with the tool.
The Minnesota Enterprise Translations Office (ETO) is using AI technology to expand the state’s translation abilities in multiple languages like Hmong, Somali and Spanish. Eliminating a need for external contracts and enabling other efficiencies, ETO has reduced its translation costs by 40 percent.
North Carolina
CIO:James Weaver
North Carolina stands out for its commitment to human-centered design in its digital transformation journey. The state is proactively tackling complex issues, from AI and cybersecurity to data privacy, with a focus on community engagement and responsible technology use.
The state's Digital Commons platform supports 85 state websites and serves over 10 million constituents. North Carolina's commitment to accessibility and user-centric design is evidenced through its deployment of virtual assistants that simplify complex interactions for residents. In one example, a virtual assistant for the North Carolina State Unemployment Insurance Tax System allows visitors to self-serve through conversational-style interactions. The tool averages almost 9,000 hits per month.
The state's new service governance model fosters collaboration between agencies and NCDIT, resulting in improved service delivery and increased innovation opportunities. Additionally, the state is prioritizing data privacy education, with the Office of Privacy and Data Protection delivering 24 mandatory training modules to more than 63,000 state agency employees and contractors since January 2023. The courses are aligned with the cybersecurity training schedule to reinforce concepts and relationships.
North Carolina has a robust incident response team (the North Carolina Joint Cybersecurity Task Force, which has handled 31 incidents since 2022) and close partnerships with private-sector experts. Additionally, over 1,000 volunteers participate in NCDIT's Digital Solutions virtual user group, contributing to the testing of new and updated services.
North Carolina's investments in Next-Generation 911 technology, which now covers 100 percent of the state, and innovative public safety solutions, such as FirstTech's datacast paging system (delivering over 2,000 dispatches in the time analog systems deliver one), highlight the state's commitment to emergency preparedness.
Ohio
CIO: Katrina Flory
Scoring an A grade this year, Ohio’s IT leaders have incorporated new tools into their statewide identity management, customer service and cybersecurity efforts. From revamping how residents connect with state services to the implementation of the Ohio Administrative Knowledge System across agencies, the state is weaving tech upgrades into every layer of its operations.
Ohio IT leaders have been using Gov. Mike DeWine’s Executive Order 2019-15D as a playbook for integrating technology into a more personalized customer service approach. The executive order established a statewide focus on IT innovation, paving the way for several digital service improvements, including enhancements to the benefits.ohio.gov site, which include upgrading the Self-Service Portal to simplify application processes and centralize resources for residents.
Ohio is committed to embracing emerging technologies, including AI, by implementing virtual assistants and AI forums to advance AI literacy. In 2023, the AI Special Interest Group (SIG) was formed to create a statewide framework that includes a Generative AI Central Repository, Operations Chart, and Procurement Checklist to guide agencies as they explore future AI use cases.
Leading the charge is Ohio’s chief information officer, Katrina Flory, who guides state technology use and works across state agencies as a part of the Multi-Agency CIO Council. The council focuses on cybersecurity, risk and data management, analytics, and identity access management to secure the state’s digital platforms while catering to evolving resident needs.
Texas
CIO: Amanda Crawford
Texas brings its A game this year with miles of opportunities for technologists to learn, network and influence the digital landscape, thanks to efforts by the state’s information agency, public-sector organizations and lawmakers. Top talking points are cybersecurity and artificial intelligence.
Cybersecurity is concern No. 1, and the Department of Information Resources (DIR) provides multiple ways for state agencies, institutes of higher education and other entities to learn about, secure and adopt technologies to ensure a holistic cyber stance. This is done in part through statewide purchasing vehicles, training opportunities, advisory groups and networking. Regional Security Operations Centers continue to go online to connect regions with 24/7 resources, and the Texas Education Agency works with DIR to advise, assist and equip K-12 schools.
Artificial intelligence is the state’s next concern. To better understand the implications and impacts of AI, the Legislature created the Texas AI Advisory Council and also constituted a special committee. DIR was ahead of the pack with its AI Center of Excellence in 2020 and the Texas Innovation and Education Center in 2023.
Interspersed in the conversation is data governance and how best practices are needed to create ethical, reliable AI solutions — whether they be used to streamline agency work or to quicken constituent interactions.
Residents have options when it comes to digital services including licensing, whether they be fishing licenses or driver’s licenses. The Texas Parks and Wildlife Department has issued 200,000 digital hunting licenses since 2022 and allows digital tagging via the My Texas Hunt & Fish app. Texas.gov, the state’s homepage, garners the most visits, followed by the Texas by Texas app and the Department of Motor Vehicles’ registration renewals webpages.
Utah
CIO: Alan Fuller
Utah earns an A grade again this year, thanks to longstanding efforts to optimize statewide IT operations. From launching a design system to ensuring the accessibility of online services to furthering cybersecurity and resilience measures, the Utah Department of Technology Services (DTS) works diligently to stay ahead of the curve.
A main goal for DTS is to deliver “first-class customer service.” To this end, the division created a customer experience program, with feedback tabs on all executive branch websites and a team of employees dedicated to making related improvements as soon as possible.
Citing a cautious approach to artificial intelligence, DTS is using pilot projects to test the technology. One successful project involved the Utah Geospatial Resource Center, where more than 200 days of work were saved by using AI to scan plan sheets for cooling towers, which must be identified and maintained to prevent outbreaks of Legionnaires’ disease.
Another state agency taking advantage of technology is the Utah Department of Natural Resources, which created a mobile app for the public to report poaching and a verification app for officers to scan the credentials of off-highway vehicle drivers.
In a move to further modernize its own operations, DTS adopted the Scaled Agile Framework statewide, migrating its project management services from more than a dozen different software applications to a single cloud-based platform for improved coordination and oversight.
On the cybersecurity and resilience front, DTS expanded a program to identify and address security risks and developed “geo-diverse pathways” for the state’s fiber network to ensure continued operation in the face of any service interruptions. Creating a stronger safety net in case of a disaster, Utah also dual-homed the Lumen connections in its primary and secondary data centers and made backup data available in the cloud.
Virginia
CIO: Bob Osmond
Virginia’s commitment to modernization and innovation across IT, cybersecurity and data governance has positioned it as a leader in IT transformation. The state has expanded broadband access to over 388,000 previously unserved locations and significantly reduced network latency issues and bandwidth overuse.
In 2024, Virginia enhanced its data governance framework with specialized tools that identify sensitive data, enabling the state to better protect it. These efforts have helped fuel the growth of the Commonwealth Data Trust (CDT), set up by the Office of Data Governance and Analytics to facilitate the secure exchange of cross-agency data. The CDT has grown by 300 percent in just two years.
The state also advanced its IT workforce development posture through initiatives like the IT Leadership Development and Associates program, aiming to upskill talent and attract a more diverse candidate pool by removing degree requirements for most positions. Additionally, the state continues to make strides in AI governance, maintaining an AI registry and overseeing enterprise adoption to mitigate risk.
Modernization efforts in emergency response have included the deployment of Next-Generation 911, a digital system that takes the place of analog 911 and includes accurate location data and other advanced capabilities. Additionally, the state upgraded its procurement platform and successfully transitioned 72,475 user accounts from Google to Microsoft 365.
Another notable project is the Regional Multi-Modal Mobility Program (RM3P), which leverages real-time data to improve transportation safety and efficiency in Northern Virginia. This initiative is a collaboration between various transportation providers to empower the public with tools for more informed travel choices.
Additionally, Virginia’s primary data center migration to a modern facility enhances IT service reliability and resilience for state agencies. The move is part of a broader push to modernize IT infrastructure, including the expanded use of private cloud services. These efforts are crucial to improving service delivery and ensuring continuity of operations across the state.
A- STATES
Arizona
CIO: J.R. Sloan
Arizona maintained its A- grade with a continued focus on enhancing digital services and data-driven innovation. Some examples of Arizona’s exemplary data work include the Statewide Enterprise Data Management Program and several new data governance policies, such as the Data Governance Organization Policy that ensures state agencies manage data as a strategic asset. The Data Quality Policy requires state agencies to establish and implement a data quality strategy, and the Document Policy requires them to have a metadata catalog by the end of fiscal year 2025. All this data work led to Arizona in February becoming the only government entity awarded Founder status in the EDM Council’s new Data Excellence Program.
Like many, the state is taking a measured approach to GenAI with a new statewide policy aimed at ensuring privacy, accuracy and efficiency as the state adopts this new technology. Arizona Strategic Enterprise Technology (ASET) is working with vendors to set up sandbox environments where state agencies can safely conduct pilot programs of GenAI technologies. And in the interest of ensuring safe and ethical use of other emerging technologies as well, ASET created the IT Leadership Roundtable where agency IT leaders gather monthly to discuss and establish guardrails for use of new tech.
Arizona also sought to improve services for state staff with a new coworking space to accommodate the increased prevalence of virtual and hybrid work. Arizona’s Connected Workspace gives state employees a place to work individually or together with state-of-the-art equipment. This has allowed the state to consolidate and reduce government office space, saving taxpayers $9 million in rental costs and reducing the state’s carbon footprint by a million square feet.
Connecticut
CIO: Mark Raymond
Connecticut is exploring artificial intelligence technology responsibly and steadily improving broadband access and digital equity around the state.
In February 2024, Connecticut released its first artificial intelligence policy. Created by multiple state agencies, the policy outlines specific ethical guardrails for agencies, offers guidance on the use of Large Language Models and establishes an AI advisory board. The state’s Department of Administrative Services has also created an AI enablement lab to test pilot projects that use the technology.
State agencies also harnessed AI to increase public safety. The Connecticut State Police successfully leveraged AI to launch a DroneShield detection system. The system identifies drones used in illegal activities and helps enforce safety regulations. In the area of digital safety, over 50 agencies have implemented a new defense and response platform — which runs on AI technology — across 38,000 devices. The upgrade both improves Connecticut’s cybersecurity posture and expands the state’s capabilities to respond to cyber threats appropriately.
Connecticut lawmakers passed legislation to address discrimination and harm caused by AI in state services. The state requires systems that rely on AI technology to submit to tests in an effort to prevent discrimination based on ethnicity, race, religion, age and more. The legislation also intends to safeguard personal information.
On the digital equity front, Connecticut is upholding its commitment to ensuring residents can access high-speed Internet. Through its ARPA-funded ConnecCTed Communities and Broadband Equity, Access, and Deployment programs, the state is using data collection and GIS engineering to map out areas that lack Internet access. The approach has made it possible for the state to connect around 1 million under-connected residents.
Other digital advancements include streamlining processes and access to state benefits as seen in its business services, jobs services, and health services areas. The state has made specific strides toward improving accessibility to government services for non-English speakers and disabled individuals.
Hawaii
CIO: Christine Sakuda
Hawaii maintains its A- grade in this year’s survey in part thanks to a commitment to the fundamentals of IT modernization as well as resilience in the face of adversity. In response to the deadly wildfires on Maui in August 2023, Enterprise Technology Services (ETS) worked with the state’s housing agency and others to set up an online program that connected survivors with available housing and provided updates on relief efforts. Residents could access the website via mobile devices or from computers at disaster assistance centers and libraries. ETS also reports it was one of the first government agencies on the ground in Maui to provide communications equipment, like satellite and an Internet connection, for first responders and the National Guard.
A major project in identity and access management, myHawaii launched in December 2023 with the ultimate goal of being a single point of entry to state digital services. Hawaii.gov offers 158 online services for citizens, including 23 new services and updates in 2023, and sees 1.3 million transactions annually. The state is also working to replace its 50-plus-year-old financial management software with a new platform that will help make more data-driven decisions using real-time information to help staff and the Legislature more accurately budget and forecast spending. A previous iteration of the project was restarted in 2023 and is estimated to take five years and cost $60 million.
In cybersecurity, ETS aims for a flexible, “layered” approach and leans on support from organizations like the Center for Internet Security and MS-ISAC. A centralized virtual SOC continuously monitors state networks and a Cyber Risk Scoring Program helps identify systems at highest risk for attack. The effort has helped protect state systems and saves money by identifying and mitigating problems before they become more expensive to resolve. In 2023, cyber threats, as well as response to and recovery from them, were added to the State Hazard Mitigation Plan.
Indiana
CIO: Tracy Barnes
Over the past few years, Indiana has focused on providing high-quality digital services for its constituents. With IN.gov being a trove of important information, the state needed to ensure that its PDFs were accessible to all users. To that end, the Indiana Office of Technology (IOT) provided an accessibility checker tool for all state agencies. This tool enabled agencies to fix accessibility issues in over 400 of the most used PDFs across state government.
Indiana also leveraged artificial intelligence to improve its digital service offerings. IOT used Microsoft’s Copilot platform to create a chatbot capable of responding to user inquiries. The state also established an AI Task Force that will assess the state’s continued use of the technology. Indiana workforce, education and technology agencies partnered to create an AI system to help residents seeking new career opportunities. Launched in November 2023, the tool known as Pivot uses the Indiana Statewide Longitudinal Data Systems to suggest specific pathways to users based on their education and workforce history. Pivot’s capabilities range from projecting future demand in industries, recommending training options based on user background, providing pay scale data and current job listings in the user’s area, and offering actionable next steps. Users can evaluate their interest in the options and give feedback to help Pivot curate its recommendations.
When it comes to cybersecurity, IOT hosts monthly virtual meetings to connect local governments with state staff, vendors and industry experts. Participants discuss the newest cybersecurity trends and ways to maintain a solid cybersecurity posture. These efforts also extend into the education sector. Indiana’s Department of Education provides cybersecurity training for K-12 schools throughout the state. As a result, over 200 school districts have increased their cyber defenses, positioning them to better protect student and staff data.
Maine
CIO: Nick Marquis (Acting)
Like any major tech organization, Maine IT over the past two years has grappled with how to address emerging technology, specifically generative artificial intelligence. The state actually had a nine-month moratorium put on its use of that technology that expired in March. During that moratorium, the state established GenAI Guiding Principles and an Acceptable Use Policy. Maine also convened a GenAI Business Acceleration Team under the guidance of its CIO. That group is currently at work on a governance framework, risk assessment, and training documents.
Meanwhile, the state has started dabbling in high-value, low-risk pilots that deploy generative AI technology, including one that summarizes marine research audio files, which is a pretty arduous job for a human. State tech officials expect that project, among others, to yield lessons that will improve use of generative AI for other government tasks in the future.
But AI was not the only emerging technology Maine made progress on over the past two years. In late 2022, the state hired a director for its Cloud Center of Excellence, tasking that person with adapting the latest cloud technologies for use in Maine. Since then, the state has been able to start moving away from on-site data centers to cloud-based data centers. An ongoing move to the cloud has also helped with IT modernization, making it so the state could decommission some of its legacy servers.
Finally, other standout work for Maine over the past two years included its creation of a cybersecurity risk management program, which involved hiring an information risk security officer. Maine officials expect this to reduce the state’s reliance on third-party vendors, ultimately making Maine more cyber secure.
Massachusetts
CIO: Jason Snyder
The state of Massachusetts received another high grade in the Digital States Survey after two years of new governance and data strategies, overhauling digital services, and open-mindedness to emerging technologies, namely artificial intelligence. To stay on top of their fast-changing technology environment, the state CIO, CISO and chief privacy officer each established their own leadership councils who convene regularly with subject-matter experts. Gov. Maura Healey also issued an executive order in 2023 to create a Digital Accessibility and Equity Governance Board, which led to the hiring of the state’s first chief IT accessibility officer (CIAO) in January 2024. For cybersecurity, the state established the Massachusetts Cyber Incident Response Team (MA-CIRT), which created a cyber incident response plan and implemented a Vulnerability Management Lifecycle program that has counted a 30.2 percent reduction in vulnerabilities across state infrastructure since July 2023. As a part of its resilience plans, the Executive Office of Technology Services and Security (EOTSS) established a monthly enterprise data protection service test to ensure lost data can be recovered. It also continued its shift away from state-owned data centers toward hybrid cloud environments by moving its core network infrastructure to co-location hosting facilities in Boston and Lowell. For data privacy, the privacy office crafted a policy for AI and developed an assessment and pilot program to find privacy risks during contracting and development.
Turning to citizen-facing work, EOTSS worked with agencies across the state on a comprehensive Digital Roadmap of state government services, allowing citizens to create a profile, track the progress of their requests and transactions, interact with a chatbot, and find instructions and information. MassGIS partnered with University of Massachusetts Amherst for a regional GIS center to help cities and towns with GIS needs, and the state made progress on digital equity with public surveys and listening sessions, distributing millions in funding for broadband projects and digital literacy.
Massachusetts embraced AI by establishing or updating use policies based on the NIST framework, forming a strategic task force to gather input and advise the governor on what the state could do with AI, and creating a secure, isolated “sandbox” for experimenting with AI. The state encouraged departments to explore use cases for the technology, surveyed them to see what they were doing with it or wanted to do with it, and partnered with Northeastern University to develop their ideas. This led to AI tools for navigating Medicaid policy documents, helping engineers navigate rules for highway projects, helping transit riders access services, and predicting grant eligibility.
Mississippi
CIO: Craig Orgeron
Mississippi has put an emphasis on health care, expanding telehealth statewide — something especially helpful for patients in remote areas. The state aims to improve broadband capabilities at all community health providers to support this, and a mobile app and website help connect residents with pregnancy and post-natal-related resources. Receiving state services is also simplified thanks both to a more personalized state website experience and a single digital application for various benefits including Medicaid and SNAP.
An app providing disaster preparedness information and resources has been popular among residents, and the state has secured its own operations, too, with plans for a statewide cybersecurity risk assessment. A new incident reporting portal also aims to make it easier for agencies to report cyber incidents to the IT department. Plus, a common email filtering tool helps standardize these defenses across the state’s decentralized IT setup, as well as give the IT department better insights into threats. The state also adjusted its mainframe backup approach, switching from physical tapes to virtual ones, to make handling them easier and faster, and the state contracts for a backup data center, for resiliency.
Mississippi has also focused on data privacy, establishing a chief privacy officer position within the CISO’s office. The CPO will develop data privacy guidance and policies and an awareness campaign, as well as evaluate existing cyber policies for areas to update with data privacy requirements.
In another big move, the state took action after a vendor-managed hybrid cloud underperformed. It created a new state-owned and -operated private cloud instead, which it expects to improve data security and application recovery while being cost-effective.
Missouri
CIO: John Laurent (Acting)
Centralized guidance combined with a focus on more citizen participation are two of the main ways that Missouri stands above other states when it comes to better use of technology.
Take the state’s Cabinet IT Governance Council, or CITGC, a group to which 15 governor-appointed cabinet directors belong. Each month the council gathers and sets priorities for new IT projects while also keeping up to date on the status of ongoing tech efforts — including, for instance, cybersecurity, increasingly a task requiring the attention of the wider government.
The state’s Information Technology Services Division, or ITSD, has also re-established a central project intake office which analyzes the business cases of tech projects — another type of state-level accountability for IT in Missouri, according to officials. Such vetting has helped push the amount of IT projects that are on time and on budget to more than 80 percent. That’s up from 42 percent, which translates into millions of dollars of annual savings.
Meanwhile, the state has increased its focus on citizen feedback and participation in the tech area, with the hope of creating single sign-on access for both residents and businesses — a reflection of the larger “one-stop shop” trend in government technology. The state wants to provide access to services, communications, applications and other forms and information via one portal.
New Hampshire
CIO: Denis Goulet
New Hampshire invested heavily in modernizing the state’s networking infrastructure to improve performance and security. It expects to have 330 sites upgraded by November.
The state pushed security in other ways, too. That includes revamping its cyber standards, policies and procedures to align with a respected framework and ensuring they’re published where state employees can easily view them. Meanwhile, New Hampshire’s Municipal Cyber Defense Program trains local government IT about prevalent cyber attacks and best practices, including with specific training for K-12 employees and fire departments. The state’s “.Gov in a Box” program also helps schools, local government and others migrate to .gov email and websites.
Plus, New Hampshire seems to be listening well to the Environmental Protection Agency’s alarm over drinking water cybersecurity and is focusing on assessing and securing community drinking water systems, with plans to next address community wastewater systems.
To create a consistent website feel and more user-friendly design, New Hampshire is migrating sites over to a cloud-hosted template. While the template was intended for the executive branch, it’s attracted voluntary use by the judicial branch, too. Employee trainings and website auditing tools also promote accessibility, and a forthcoming single sign-on portal will streamline permitting and licensing processes for residents.
Eyeing emerging tech, New Hampshire published an AI policy and code of ethics, and is considering the technology for translation. It’s also piloting robotic process automation use cases.
People are key to success, and the IT department boasts the lowest job vacancy rate it’s had in over a decade. That’s thanks to changes like flexible salary ranges, accepting applicants with skills obtained outside traditional education and more flexibility in contracting. The division has also been onboarding people of various seniority levels, so more junior members get mentorship before senior staff retire.
South Carolina
CIO: Nathan Hogue
In late December 2022 South Carolina began the process of blocking TikTok from all government devices, as well as the state’s network. Cisco Umbrella, an Internet filtering software, was installed on all state agency electronic devices to block access to the social media app. Meanwhile, the South Carolina Department of Corrections became the first agency in the nation to use a new FCC process to disable contraband mobile phones, prompting more calls to be made using the Inmate Telephone System Services Provider, which operates at a rate of 5.5 cents per minute.
South Carolina’s use of AI is guided by three aims: promote its use, protect privacy and pursue AI’s opportunities, known as the “three Ps.” An IT Governance Group made up of 12 state agencies will review AI initiatives against these three pillars.
The state uses the sc.gov wallet — a seamless and secure payment platform enabling residents to make online and over-the-counter payments with government agencies. The platform is used by more than 160 state and local entities, and it processed more than 5 million payments in 2023. By mid-2024, the platform will be available for all payment services.
Other departments like the Workers’ Compensation Commission, Department of Alcohol and Other Drug Abuse Services and the Department of Employment and Workforce have all made strides toward improving online interactions with residents. Similarly, the South Carolina Department of Health and Human Services adopted ID.me, an identity, credential and access management system, for Medicaid recipients, allowing beneficiaries and applicants to engage online rather than through a paper-based process.
In the last two years, the state has also been diligent in prioritizing cybersecurity. The South Carolina Critical Infrastructure Cybersecurity Program has grown the cyber liaison officers network to more than 400 members who participate in monthly meetings to improve their organizations’ security posture.
Tennessee
CIO: Stephanie Dedmon
Tennessee's current approach to modernizing systems and better serving constituents blends innovation and practicality.
The state has made big moves to secure its cybersecurity posture in the last year, passing legislation that bans state entities from paying ransomware attackers, as well as adding backup tools to its arsenal and convening the Cybersecurity Advisory Council.
Facing staff shortages and federal hurdles, Tennessee's IT office, Strategic Technology Solutions, delivered over 670 projects in the last year, migrating 85-plus applications to the cloud, while supporting nearly two dozen agencies. Along the way, they’ve introduced new tools like a cloud-based Eligibility and Benefits Management System and One DHS portal for the Tennessee Department of Human Services that are significant upgrades to decades-old systems, potentially improving the lives of over a million Tennesseans.
The state has taken a strong interest in using AI to improve their processes, introducing legislation for an AI advisory council and generative artificial intelligence policy. They’ve also launched PolicyGPT, a large language model that the state hopes will transform policy interpretation and access.
Tennessee continues to innovate new solutions to protect the lives of residents, integrating a new Smart Corridor management system on a stretch of interstate near Nashville to solve congestion issues and provide drivers with accurate, real-time information, bringing a reduction in crashes resulting in fatalities.
Vermont
CIO: Denise Reilly-Hughes
Vermont’s Agency of Digital Services (ADS) demonstrated its value as a key contributor to government operations when a catastrophic flood ravaged the state in July 2023. Twenty-three state office buildings were in the flood path, which caused an estimated $100 million in damage to state facilities alone. ADS oversaw state continuity of operations plans, and its foundational work in data analytics enabled dashboards that informed high-level decisions during the event and its aftermath.
Vermont first established its Artificial Intelligence Division in fall 2022, and its early work creating guidelines using a risk-based approach led many other states to reach out for advice as their own efforts matured out of the concept stage. The AI office has since acquired an essential new partner: the state’s data team. Vermont’s Chief Data and AI Office has piloted many AI use cases, like a generative AI contract search tool to speed flood recovery for municipalities and an internal tool to encourage staff to deepen their understanding of the technology. Part of the new office is Vermont’s first-ever director of data privacy.
Since the last survey, Vermont has established another new division that is also quickly becoming a best practice in state government: an Enterprise Services Division staffed with dedicated business relationship managers who function as direct links between agencies and IT.
ADS brings a strong focus on human-centered design to its work, in evidence with recent security upgrades to its legacy unemployment insurance system. Rounds of iterative design focus on residents likely to be unemployed, as well as call center staff. A major modernization is now underway at the Department of Motor Vehicles, and the state reports it is also in the very early stages of a needed ERP upgrade.
Washington
CIO: Bill Kehoe
Climbing to the A- category this year, Washington state has enacted a number of IT improvements with a focus on “connected government.” This new enterprise IT strategy places residents first and aims to make all state services accessible with a single login.
The state launched a program to explore and implement artificial intelligence across public services, with guidance from Washington Technology Solutions (WaTech), the team under the leadership of CIO Bill Kehoe. Along with composing government AI guidelines, WaTech also created a division dedicated to ensuring inclusive and equitable digital experiences. A statewide accessibility “community of practice” was formed to monitor the accessibility of state services for residents and businesses.
To improve security, WaTech developed a process to update and maintain the security policies of all state agencies, and its office of cybersecurity launched an agency risk assessment program as well. The state now has a zero-trust security strategy and is deploying a statewide software-defined wide area network solution to strengthen security and disaster recovery capabilities.
Taking steps to become a “data-driven state,” Washington hired a chief data officer and started an enterprise data program with the goal of integrating and leveraging data to improve state services. In addition, the Office of Privacy and Data Protection established specific requirements and review processes for all agencies that collect personal information.
The IT workforce has been a focus in Washington as well. To help the state support and maintain its ongoing shift to comprehensive cloud services, a vendor was selected last year to provide training for employees in essential cloud skills.
Wisconsin
CIO: Trina Zanow
Wisconsin’s investments in standardized digital infrastructure and improved user experience helped the state earn an A grade this year.
Digital initiatives that directly serve the state’s constituents include a website that helps households find affordable Internet options, a MyWisconsin ID for single sign-on access to online state services and systems, the Supporting Youth and Children program that consolidates records on child welfare and case management and an online portal for drug monitoring that improves patient experience and helps prevent opioid abuse and overdose.
Some notable infrastructure initiatives include systemwide cybersecurity upgrades as well as ongoing efforts to modernize data and technology at state agencies. The state’s cloud strategy is a central component of these initiatives, as tech leaders work to streamline the solution review process while ensuring state data has adequate safeguards.
Looking toward the future, the state now has a unified process for considering new technology investments. The vendors and business dedicated web portal page standardizes vendor intake forms and saves time for both departments and prospective vendors.
Investing in a skilled workforce emerges as a clear priority in Wisconsin as well. In 2023, Wisconsin created a registered apprenticeship program that connects job seekers and employers, including those in the IT field, helping to meet the growing need for tech talent in the state. And the “Anywhere in Wisconsin” initiative broadens the state’s ability to recruit inclusively for positions in its own organization. By supporting options for remote work, the state can now hire from any of its 72 counties.
B+ STATES
Colorado
CIO: David Edinger
In Colorado, government technology is guided by three aspirations: connecting all Coloradans to high-speed Internet, expanding opportunity and reducing poverty, and “making government easier.” To support this effort, about 30 percent of the state’s adult population now has a myColorado account and access to the mobile app, enabling a digital ID and access to a range of digital government services. About 1,000 accounts are added every day. Credentials like hunting licenses and teacher certificates are also compatible with the app.
Earlier this year, Colorado became one of the first states to enact a legislative framework to regulate artificial intelligence tools. CoCo, myColorado’s digital chatbot, enables residents to chat with the state’s customer support via AI. CoCo handles about 30 percent of customer requests, helping to reduce wait times for requests that need more technical support.
In March, the Governor’s Office of Information Technology launched Snowflake, a cloud-based data platform to provide data storage, processing and analytics for state agencies. The retirement of the state’s mainframe in July 2023 helped to reduce risks, as well as save about $700,000 annually in maintenance and operating expenses. The migration moved 13 state applications, services and operations to hosted computing sites. Colorado is also continuing the consolidation of its data centers, aided by the adoption of cloud-based solutions, which have also surpassed $1.5 million in annual savings.
OIT has maintained a remote work posture, with some 80 percent of OIT employees working remotely. The department has reduced its office space needs by 70,000 square feet.
Delaware
CIO: Greg Lane
In the face of funding and staffing challenges, Delaware is pursuing a diverse strategy of innovation. Their strategic plan centers on modernizing government processes, expanding citizen services and ensuring equitable access to high-speed Internet. The Department of Technology and Information (DTI) is leading efforts to bridge the digital divide, working with the governor’s office to provide broadband access "to the last mile." They're also developing Go DE, a new digital government portal aimed at streamlining access to services and payments across multiple agencies.
Delaware is exploring the potential of AI to enhance government operations. A federal grant will enable them to deploy an AI-based integrated transportation system. This system uses real-time traffic data to optimize traffic flow, representing a potential model for future predictive and adaptive infrastructure management. Additionally, AI is being used to glean insights from constituent feedback. By conducting sentiment analysis on survey responses, Delaware aims to improve service delivery for their Delaware One Stop platform.
Data governance is a clear priority. The state maintains a data glossary to ensure consistency and recently implemented the Delaware Integrated Data System, a cloud-based repository designed to facilitate cross-agency collaboration and insights. The enactment of the Delaware Personal Data Privacy Act further underscores their commitment to responsible data management.
Recognizing the impact of an aging workforce, DTI proactively addressed potential staffing gaps by transitioning to brokered services and launching an associate's program to cultivate early career talent.
Illinois
CIO: Sanjay Gupta
Since the official creation of the Illinois Department of Innovation and Technology (DoIT) in 2018, the state has made an intentional effort to break down departmental silos by nurturing cross-agency relationships when it comes to tech implementation. This partnership-focused strategy has resulted in over 50 system and technology upgrades, which have improved services for residents across Illinois. A central priority for DoIT is increasing accessibility while simultaneously strengthening data security for digital services. The state’s resident single sign-on system, ILogin, allows users to access multiple state services while incorporating identity proofing to reduce identity theft.
Additionally, as part of its modernization push, DoIT revamped over 130 websites across 50 state agencies, migrating them to Adobe Experience Manager. The result was an enhanced collection of applications that visually adapt whether the user is on a computer, smartphone or tablet. The second phase of the initiative will focus on user feedback, using customer journey mapping and a human-centered design approach to update the websites based on lessons learned.
DoIT is also reimagining the employee-customer dynamic to lighten the internal workload while still providing the same personalized level of service for residents. To do so, the state plans to let AI handle the heavy lifting on tasks such as data analysis, cleansing and categorization, and document processing, while they continue to focus on ensuring resident needs are being addressed in a timely and effective manner.
Iowa
CIO: Matt Behrens
Iowa has made moves to modernize and centralize its technology systems and services. All executive branch IT staff now work for the Department of Management’s Division of Information Technology (DOM DoIT), and the state has a new brand and portal in place.
As part of these changes, Iowa consolidated its agency websites, eliminating 29 virtual and cloud servers for a savings of more than $225,000 in ongoing support costs. With the help of cloud services, the state also decreased the amount of space required for its primary data center by 84 percent. Further consolidations include the combination of more than 22 tax systems into one secure, user-friendly portal.
Iowa is also exploring new technology, such as a machine learning program that can predict road conditions. Other new tools, designed for the Department of Corrections, use data from Iowa prisons and parole offices to predict who may need more intervention and support services. In the area of school safety, residents now have access to the Safe+Sound Iowa app, which allows students, teachers and parents to immediately and anonymously report any concerns.
As for online safety, the state has established a cyber incident response team to help government entities better prepare for and respond to cyber threats. It also expanded endpoint detection and response to include support for local government and nonprofit organizations.
Supporting constituents has been an area of emphasis as well. Numerous town halls were held to identify Iowa communities in urgent need of broadband infrastructure grants, which were then funded in 96 Broadband Intervention Zones. To improve communication with residents on these and other initiatives, the DOM DoIT monitors constituent engagement via sources such as the state’s enterprise chatbot and social media pages, then reports its findings to each public agency.
Louisiana
CIO: Derek Williams
As software gets more sophisticated, tech leaders in Louisiana are working on a new tool to help them navigate those complexities: A procurement method called invitation to negotiate, designed to allow the state to negotiate simultaneously with different vendors in search of better prices and services.
Louisiana also wants to get an edge when it comes to artificial intelligence via what tech officials there called a comprehensive AI governance framework, along with a state AI task force. The idea is to come up with ethical and other guidelines around AI to ensure fairness, privacy, security and transparency.
Tech progress also is taking place closer to the ground in Louisiana, so to speak.
The Louisiana Checkbook website, for instance, enables residents to track state spending and funding sources, contracts and other activities, providing deeper insights into how tax dollars are spent. The LA Wallet mobile driver’s license, meanwhile, has become an example for other states of how to do digital ID. More than 1.4 million state residents use the tool, which can also provide authentication for unemployment and other benefits.
The state has also adopted digital ID technology for age verification for adult sites, and for businesses that sell products that come with age limits. Businesses can run such checks in real time, which state officials have said can lead to increased sales.
Maryland
CIO: Katie Savage
Since taking office at the beginning of last year, Gov. Wes Moore has spearheaded a number of IT initiatives aimed at improving the business of Maryland government and the lives of its residents. In January he issued an executive order addressing artificial intelligence and its responsible use by state agencies. The executive order contains six components in guiding the state’s use of GenAI, including establishing guiding principles like fairness, privacy, transparency and more. It also calls for the creation of an AI subcabinet to facilitate coordination on the use of AI across the state; the subcabinet recently released its first set of guidance focused on use of GenAI tools by state employees.
The governor also spearheaded the creation of the Maryland Digital Service (MDDS), a team of experts in digital services engineering, design, web experience, strategic investment and more. Housed within the state Department of Information Technology (DoIT), MDDS will guide the state in creating more accessible, user-centered and cost-effective digital services. In a similar vein, Maryland now has its first-ever Digital Accessibility Policy to ensure that the state’s services are accessible to everyone. This policy guides state agencies in implementing state non-visual laws and regulations and requires that each department create an accessibility officer position to coordinate with DoIT’s Office of Accessibility.
Last year, Maryland released a State Cybersecurity Centralization Strategy to bolster its digital defenses and manage cyber risks. This led to the formation of the Maryland Cybersecurity Task Force, consisting of subject matter experts from DoIT, the Maryland Military Department and the Maryland Department of Emergency Management. In coordination with the Governor’s Office of Homeland Security, this team spearheads a whole-of-government approach to the state’s cybersecurity posture.
Montana
CIO: Kevin Gilbertson
According to its IT 2024-26 Strategic Plan, Montana is confronting the challenges and inefficiencies of technical debt, which undermines the strategic goal of “creating a cohesive, statewide IT infrastructure.” But it’s doing so while simultaneously fielding a wide array of modernization projects. The State Information Technology Services Division’s (SITSD) initiatives set out in the plan include centralizing desktop purchasing, implementing return on investment methodology, consolidating the service desk, identifying and mapping critical processes, and doing yearly security awareness training. SITSD is migrating COVID-19 pandemic-related call centers and web pages to a single call center; it’s also underway on a customer interface and grant portal with “no wrong door.” The division is undertaking a digital transformation to the cloud and will stand up ServiceNow Service Management and Asset Management tools. Low-code/no-code procurements will be a priority going forward. And IT is at work digitizing citizen-facing services — migrating to digital and upgrading existing platforms to be more user-friendly.
In April, the Montana State Library updated a major resource on land and property data, releasing an updated version of its Montana Cadastral application, where Montana residents and government agencies can find data on land parcels. The new app enables searches by geocode, owner, address, assessment code, subdivision or location, and features quickened zooming among its performance enhancements.
Last winter, Montana State University (MSU) received a $500,000 grant from the National Science Foundation. The funding will benefit the university’s Research Cyberinfrastructure Core Facility, which manages advanced IT systems used in AI, quantum science research, machine learning and elsewhere, per a news release; new equipment is expected to give MSU the most powerful computing capabilities in the state.
Nevada
CIO: Tim Galluzi
Nevada’s state IT office ensures residents in both rural and urban communities have a strong connection to modern digital services, leveling the playing field for all Nevadans. A central aspect of IT’s approach is the High-Speed Nevada Initiative, which aims to bridge the digital divide by providing high-speed broadband access to residents. This has become even more important since the COVID-19 pandemic, with connectivity now essential for education, work, health care and civic engagement. Additionally, Nevada has implemented innovative solutions to improve service delivery. The state’s Department of Motor Vehicles has undergone a multiyear digital transformation effort that has brought most services online, improving connection to the community. The Department of Employment, Training and Rehabilitation’s AI-driven virtual assistant, "Sara," has had a significant impact on case management in assisting employees and residents.
Security and data privacy also remain top priorities for the state. Regular collaboration among state agencies, supported by the State Technology Governance Committee and IT Advisory Board, ensures that IT initiatives align with the state's broader strategic goals.
New Jersey
CTO: Christopher Rein
New Jersey rises to a B+ ranking in this year’s survey through a steadfast focus on modernization and putting people first. A new strategic plan in 2023 set priorities for refreshing old and legacy apps; since then, leaders have created common workflows and digital data collection processes across 20 state agencies.
Major initiatives include modernizing the state’s financial enterprise resource planning platform and moving its pension funds system off legacy. The state also moved its domain name system into a secure cloud environment and updated firewalls, modernizing 61 agency apps and websites. Resident-facing work includes bringing secure Wi-Fi to roughly 30 Motor Vehicle Commission offices, creating an online presence for the Maternal and Infant Health Innovation Authority, and an online portal to support residents impacted by the opioid epidemic. The Office of Information Privacy has set up a portal enabling public servants covered by Daniel’s Law to mask residential and personal information for safety reasons.
Officials have upgraded state firewalls with enterprise-level, next-generation protection featuring malware and data loss prevention. The Office of Information Technology has upgraded and streamlined state backups and processes, moving them off legacy systems. Hosting, management and delivery of IT infrastructure services has been centralized and consolidated, making systems more available and resilient. Mission-critical human services workloads have also been migrated off legacy, saving money and improving resiliency.
Gov. Phil Murphy has appointed New Jersey’s inaugural chief innovation officer and created the Office of Innovation. The state has also set up an artificial intelligence task force and a policy promoting the responsible use of generative AI by state employees. A new GenAI task force is co-chaired by state CTO Christopher Rein.
North Dakota
CIO: Greg Hoffman
North Dakota has in recent years established itself as a forward-thinking jurisdiction, often among the first states to embrace new innovations. This certainly held true over the past two years as artificial intelligence exploded into the mainstream. To address this, North Dakota adopted a new Artificial Intelligence Policy in January, outlining responsible and ethical use of AI in state government functions. This policy is part of a broader effort in the state’s IT shop to benefit from AI innovation while also protecting safety, privacy and intellectual property rights. This framework created guardrails and transparency that has made it easier for North Dakota to start integrating AI into its governmental functions. Looking ahead, the state is working to build what it’s calling an AI factory, which would oversee the end-to-end life cycles of AI tech in government.
Keeping up with the evolving use and protection of data has also been a priority for North Dakota. During the past two years, the state established a new Data Classification Policy aimed at keeping sensitive data protected. Meanwhile, it teamed up with a vendor partner to create the Lighthouse Program, a new framework for how the state’s data is governed, managed and used in the service of decision-making. This is part of a three-year plan that includes creating a data road map.
Finally, North Dakota has worked to create new digital services for its residents. The IT shop teamed with the Department of Transportation to launch 511 Travel, a website and app that provides real-time info about road conditions, among other things. Similarly, the state’s health department launched the ND Health Tracker, a platform for information about public health initiatives and trends.
Oklahoma
CIO: Joe McIntosh
Finding operational efficiencies and exploring the potential of artificial intelligence have been major focuses for Oklahoma recently, which CIO Joe McIntosh reiterated after his appointment in July 2023. The state got started on this with an AI task force that published a report of recommendations in January 2024, including the formation of several leadership positions and at least three groups: an AI oversight committee to advise the governor and the Oklahoma Office of Management and Enterprise Services (OMES), an AI technology economic development task force, and an AI technology talent task force to attract skilled workers. The state also partnered with Google to offer a free AI Essentials course to train more than 10,000 residents on how to use the technology.
To increase control over spending, the state got into a relatively new form of data analysis called process mining, or using specialized algorithms to better understand agency operations and spending. To do this, OMES deployed an execution management system from the data-processing company Celonis, which helped to review more than 16,000 purchase orders — a task that a small internal team accomplished in a few weeks instead of contracting with a third-party team of dozens over many months. The state also replaced its 16-year-old human capital management system, started virtualizing its remote servers, started using an alternative system-engineering process to measure the performance of its 25-year-old child welfare information system and authorized more than 140 broadband expansion projects.
Oregon
CIO: Terrence Woods
Oregon’s state government, including its Enterprise Information Services (EIS), displays a commitment to robust, thoughtful control of the governance of all things technology across the enterprise, including data strategy, project management, cybersecurity and user experience. One particularly interesting application of this approach is in innovation; the state’s strategy for emerging technologies brings in stakeholders from various agencies to engage in a framework that defines technologies by trend cycle and ensures alignment of new efforts with strategic goals and standards.
The state has notched notable progress in the areas of data governance, cybersecurity and disaster recovery/continuity of operations. In 2023 the state updated its Information Asset Classification Policy and turned on mandatory labeling so all documents saved or edited on the network must have a label denoting data sensitivity. It also launched GEOHub, a geographic information sharing portal, and created a Data Equity Plan and Data Literacy Framework.
Oregon employs a whole-of-state approach to cybersecurity and has made several recent advancements on that front. It has achieved 100 percent multifactor authentication compliance across all agencies, as well as deployed a variety of solutions to secure Microsoft apps after an effort to roll out 365 software across the state. New protections against distributed denial-of-service attacks for Domain Name Services have led to 100 percent uptime for public-facing resources, and the state is formally adopting StateRAMP to standardize vendor cybersecurity measures in 2024.
The state has improved its preparedness for disasters as well, with projects to upgrade fiber throughput, establish a tertiary site for compute and network ingress, and embracing cloud for backup as well as recovery. The state is in the first phase of an effort to create new options for putting data workloads into the cloud, improving flexibility and potentially cutting costs.
EIS and partner agencies have achieved success on several big projects as well, including a new statewide Driver and Motor Vehicle Services Division lobby management system that allows for online appointment scheduling, an upgraded victim information and notification system, Direct File for individual income tax, and unemployment insurance modernization.
Pennsylvania
CIO: Amaya Capellán
Despite significant leadership changes in IT roles over the past couple years, the state has worked to keep Pennsylvania moving forward.
For instance, the state’s CISO is part of an Election Security Task Force working to safeguard election integrity. The group also includes federal, state and local officials — an example of how cybersecurity is a broad task that needs to be shared by various agencies at all levels. Turning to internal process improvements, the Office of Information Technology surveys internal customers each year, which has led to a push to streamline how its help desk operates. The improvements will engage users throughout to ensure it meets their needs, and it will also include self-service options.
CODE PA — the Commonwealth Office of Digital Experience — has also been busy with the launch of its first product, PAyback.pa.gov. Residents can use that site for permitting and licensing fees and processing. The state’s tech leaders also are pushing efforts to offer a single application for all permits that residents might need, and a cross-agency tool for benefit applications instead of making potential beneficiaries visit various state departments. The plan is to replace paper forms with digital.
Meanwhile, the new PA.gov site, launched in June, was designed so that residents have quicker and easier access to government services and information. Medical insurance appeals also are getting a digital makeover via a website that people can use to fight denial of health claims.
Rhode Island
CIO: Brian Tardiff
Rhode Island is taking a serious look at emerging technologies, working to establish a strong data governance and privacy approach that can lay the groundwork for later AI use. Efforts so far include hiring a chief data and analytics officer, appointing an interim chief privacy officer, and launching a public-private AI Task Force to examine risks and opportunities. The state also drafted an AI policy following NIST’s AI Risk Management Framework and is working to create a Data and AI Center of Excellence. That follows on creations of centers of excellence for cloud, zero-trust architecture and low code.
Low code also features in a major modernization effort. The state is in the process of transitioning HR, payroll and finance to a new low-code, cloud-based enterprise resource planning (ERP) platform. This unified platform is expected to bring more efficiency and data insights, and to strengthen cybersecurity. Also on the cyber front, Rhode Island updated vendor contracts to include more cybersecurity requirements. The state is also emphasizing training its workforce, including by hiring a statewide IT training manager who’ll address cybersecurity, IT management and technical skills.
Rhode Island also promotes a consistent, accessible experience across state offerings, with a cloud-based enterprise content management system that agencies can use to host their websites. The system is designed to make content accessible, including ensuring it’s mobile-friendly, screen reader-friendly and equipped with language translation options. Platform features allow for publishing new websites quickly, and without staff needing to know how to code.
Another initiative brings tablets to inmates to improve mental health and post-release outcomes. The tablets provide communication with family and friends, as well as offer personalized education, job training rehabilitation and re-entry plans. Participants in the education programs showed a 13 percent greater chance of landing a job after release and 43 percent lower chance of recidivism.
West Virginia
CIO: Heather Abbott
Enhancing the digital government experience for West Virginia residents is a central component of the state’s IT work. To fully understand the digital experience residents encounter with state agencies, the West Virginia Office of Technology will examine that experience against key performance indicators such as error rates, cost per transaction and user satisfaction score, among others. The Division of Motor Vehicles has introduced digital vehicle registration cards, which allow residents to carry digital versions of their vehicle registration, and more than 7,000 residents have opted into the program. The digital registrations are held in digital wallet platforms on smartphones.
AI is another big area of growth. The Select Committee on Artificial Intelligence was formed by the West Virginia Legislature to begin the process of educating elected and public officials around the impact and opportunities of AI. Meanwhile, the Secretary of State’s Office launched a new AI-powered chatbot known as Single Online Location (SOLO) to aid in business filings and answering questions. SOLO has been able to facilitate phone calls that would normally be routed into the state office. The state is also using AI to monitor and evaluate roadway infrastructure and maintenance in a pilot project that uses cameras, AI, GPS and other technologies to study roads in Monongalia and Preston counties.
In back-end IT progress, West Virginia has transitioned its on-site mainframe system to a hosted network with full disaster recovery and backup abilities.
B STATES
Alabama
CIO: Daniel Urquhart
Alabama’s IT work since 2022 has focused on citizen-centric technologies, enhanced cybersecurity, and looking to the future of AI in state and local government. In February, Gov. Kay Ivey established the Task Force on Generative Artificial Intelligence chaired by state CIO Daniel Urquhart. The group is tasked with understanding current uses of GenAI in state executive branch agencies and recommending policies and procedures to ensure the responsible use of this technology going forward. The task force is expected to present a final report to the governor at the end of November.
Alabama also focused on tech to improve citizen-facing services, such as the refreshed Algo Traffic website and mobile app. Users can now get enhanced, near-real-time traffic and roadway information including personalized alerts. And the new Alabama Victim Notification System website, a successful collaboration between the attorney general’s office, the Alabama Department of Corrections and law enforcement agencies, gives victim better access to information on offender updates.
An evergreen topic in the Digital States Survey, cybersecurity was an important focus for Alabama in the last two years. The state recognized the importance of planning for a cyber incident by dedicating a section of the Emergency Management Agency’s incident response plan specifically to cyber incidents and response. Annex C outlines a standardized, flexible and scalable framework for agencies to prepare for and respond to cybersecurity threats and attacks, providing guidance on everything from mitigation and prevention to response and recovery. Additionally, the state established a Cybersecurity Planning Committee to develop, approve, implement and revise the Alabama Cybersecurity Plan. This plan serves as the driver for Alabama’s approach to collaborating with local agencies to improve their cybersecurity posture through the State and Local Cybersecurity Grant Program.
Arkansas
CIO: Jeff Dean
Arkansas is committed to delivering quality digital services to its constituents. In 2023, the Information Network of Arkansas (INA), a public-private partnership, established a Citizen Experience subcommittee, which focused its efforts on streamlining digital services and modernizing state agency websites. The new upgrades unify features and visual elements, enhancing user experience. Also, Arkansas.gov now automatically syncs with and reflects updates from other state departments. The work continues with efforts underway to create a universal search allowing users to search any Arkansas website and receive relevant results from other agencies. A partnership between INA and Tyler Technologies also works with state agencies to offer a variety of digital services such as payment processing, digital forms, mobile apps and more. In 2024, Arkansas launched a new platform that uses state administrative data and user-submitted data to recommend custom career advice for job seekers in the state.
The state recently established a group of virtual chief information security officers (VCISOs) to support the state CISO. The group meets monthly to review the latest cybersecurity trends and is responsible for implementing cybersecurity policies at the agency level. The group offers high-level oversight over all agency projects related to cybersecurity. This collaborative effort between the CISO and the VCISOs is a unique approach that Arkansas is taking to fortify the state’s cybersecurity posture.
Arkansas also prioritizes connecting its underserved residents to high-speed Internet. With the help of private-sector partners, as well as grant funding, the Arkansas State Broadband Office leads the initiative to reduce areas in the state that lack access to high-speed Internet. Arkansas successfully connected 130,000 residences and businesses to high-speed Internet thanks to grant funding. The state plans to continue expanding broadband access under the Broadband Equity, Access and Deployment Program and launch digital skills training for residents aged 18 to 64 who do not have fundamental digital competencies.
Florida
CIO: Warren Sponholtz
Since the 2022 Digital States Survey, one of the most notable changes to Florida’s IT landscape was the recent appointment of Warren Sponholtz as the state’s new chief information officer. Sponholtz was appointed to the role in August, officially replacing Jamie Grant, who stepped down as the state’s CIO on July 1, 2023. During this time, state agencies, including the Florida Digital Service (FLDS), focused on increasing cybersecurity and enhancing constituents’ digital experience. For example, FLDS has updated its cybersecurity policy to integrate AI-driven threat detection and response mechanisms to safeguard the state from cyber threats. FLDS is currently in the process of administering the second year of its Florida Local Government Cybersecurity Grant Program, which offers $40 million in competitive grant funding for cities and counties to equip software, services and solutions to improve their cybersecurity posture and protect Floridians’ data.
Each state agency is responsible for developing its own digital engagement and cybersecurity strategies, as Florida’s government is fully federated. However, the state has developed several key policies, including a comprehensive digital engagement strategy to enhance the constituent experience by deploying user-friendly platforms, implementing single sign-on systems to access services and using advanced analytics to personalize interactions.
Other notable state efforts include creating a Government Technology Modernization Council within the Florida Department of Management Services to study and monitor the development and deployment of new technologies and implementing a state-level Cybersecurity Operations Center (CSOC) within FLDS. The CSOC currently deploys a security stack to 35 state agencies, providing continuous monitoring and incident response year-round. Going forward, the state will focus on increasing departmental IT collaboration, open data transparency, application modernization, emerging technologies, cybersecurity and IT governance.
Idaho
CIO: Alberto Gonzalez
The Office of Information Technology Services (ITS) in Idaho is taking a measured approach to technology adoption and working to be strategic before jumping on the latest trends. Some big changes are happening at the state, and ITS is balancing different agendas from leadership and legislators. Through it all, the state has clear priorities: making things easier for citizens and businesses to access services, maintaining a skilled staff, and remaining laser-focused on cybersecurity.
The state’s strategic plan involves strengthening cybersecurity by facilitating annual penetration tests and vulnerability scans and coordinating with the Idaho National Guard to provide support for cities, counties and other government entities. The Innovative Readiness Training program has filled a need that would have cost a market value of $1.5 million in all the time spent by participants if Idaho were purchasing the services from a third-party vendor.
ITS has helped the state introduce modern services that will impact the average resident, including creating QR code vehicle renewals and an automated records request system. AI is on the state’s radar, and it has created policies and governance including a transparent and accountable framework for AI operations to preserve citizen trust and privacy. The state is currently testing a prototype chatbot for ITS with ITS-specific documents.
Idaho is also innovative in how it will fund upcoming modernization efforts. A citizen engagement fund has been established to leverage 0.5 percent of all credit card transactions, collecting an estimated $1.5 million annually that will be directed toward future digital experiences.
Kansas
CITO: Jeff Maxon
Under the leadership of Jeff Maxon, the former state CISO appointed chief information technology officer in October 2023, the Sunflower State continues a history of strong technology decisions to improve security and drive modernization. A website migration of 26 managed state sites, begun in 2022, is set to wrap this fall, and the Office of Information Technology Services (OITS) is building new websites for additional agencies upon request.
Underpinning OITS’ work to modernize networks and improve architecture, the state has spent millions to support broadband and make it more available, as well as to develop residents’ digital skills. In mid-2023, OITS stood up Kansas’ inaugural generative AI policy with guardrails for its responsible use; it was adopted across the executive branch and is continuously updated. OITS will soon host its first-ever AI briefing.
State lawmakers this year passed a bill consolidating cybersecurity under the executive branch CISO and giving OITS and the Information Technology Executive Council until Jan. 1, 2026, to create a plan for consolidating executive branch IT services under it. Legislation also passed requiring public entities and vendors to report significant cyber incidents to the state information security officer. Since 2023, state agencies have offered security-related technology training for water and wastewater operators statewide, a project that is improving resilience and will guide future infrastructure security work.
Work is underway with Accela and licensing agencies to modernize credentialing systems and make them more secure. And in public safety, Kansas Highway Patrol has upgraded in-car dash cameras to digital, with full integration with body-worn cameras and upload capabilities from vehicles.
Nebraska
CIO: Matthew McCarville
Nebraska has done quite a bit of work in recent years to enhance the digital experience it provides to its constituents. Of late, this has taken the form of connecting various state IT data and services into a unified cloud tool, one that requires each of the state’s agencies to collaborate with the CIO’s office in order to gain access. The IT department has instituted a Cloud Review Board that is tasked with governing, reviewing policies and maintaining the various cloud services that are used by the agencies. The creation of this board is part of an ongoing cloud migration project likely to continue in the years to come.
Nebraska has also made progress in the area of broadband and digital equity. In the past two years, it joined a long list of other states in adding a broadband office via an executive order in early 2023 by the state’s governor. While that office is not under the CIO’s purview, it does help with continued grantmaking by the state aimed at getting the entirety of its population connected to high-speed Internet. Other work being conducted by that office includes offering direction for policy and planning decisions, creating a broadband access map for the state, distributing funding, collaborating with government agencies and more.
New York
CIO: Dru Rai
Driving New York’s technological progress over the past couple years were a series of significant new hires and appointments, chiefly including Dru Rai in October 2023 as the state’s new CIO and director of Information and Technology Services (ITS). The state also hired a chief digital transformation officer, a chief privacy and enterprise risk officer and a chief customer experience officer, as well as usability testing staff to find pain points for users of the state’s digital services. ITS consolidated its GIS teams into one Geospatial Services Bureau within the Chief Data Office, which embarked upon a multiyear GIS architecture modernization project, and the state is in the process of setting up a leadership structure where each agency will have a deputy commissioner of technology.
New York rolled out several policies for state agencies last fall and winter, starting in October 2023 with a uniform technology standard connecting all the state government’s websites, then in November a step-by-step cyber incident response procedure, in December a couple employee policies about telecommuting and working abroad, and in January 2024 an acceptable use policy for artificial intelligence. AI was the subject of several initiatives across the state, as ITS set up an AI workgroup and partnered with the State University of New York at Albany for professional development. The DMV worked with ITS on an AI chatbot for its website, and the Department of Labor launched its own multilingual chatbot built upon Google AI and deployed AI-based virtual agents to answer phone calls.
Even outside of AI, the state made strides in modernizing several processes and services for access or efficiency. One easily overlooked but consequential project: ITS and the Division of the Budget creating a system for grouping all IT operational expenses together as a single budget request, saving considerable processing time. The state also launched a broadband mapping website, a web application allowing families to apply for EBT cards for food during the summer, an online tool for families to pre-screen their eligibility for child-care assistance, an option for DMV customers to handle documents and fees online, a mobile document capture option to reduce paper mail during tax season, a data tool to accommodate background checks for guns and a database of ammunition sales, and NY Mobile ID, a voluntary digital state ID or driver’s license for iOS and Android users.
Wyoming
CIO: Jeff Clines
Despite a recent CIO change, Wyoming’s Enterprise Technology Services (ETS) — and its state agencies — have marked much IT progress. Many of these efforts revolve around containing costs and increasing efficiency by creating shared resources and standards; perhaps the most high-profile example of this is the outsourcing project called the Resource Augmentation Program. In 2023 the state executed an RFP through which it contracted with 28 vendors for technical resource augmentation. This led to the creation of the Public Sector Digital Services platform, in which ETS made reusable modules and workflows agencies across the state can use to create applications — for example, the Off-Road Vehicles Permit Program. ETS has also set up a Project Management Office, through which it plans to support vendor vetting for state agencies and track IT spending statewide. Similarly, the Wyoming Data Governance Council has pulled in representatives from throughout the enterprise to develop eight data policies.
ETS and other Wyoming agencies have begun or completed several high-profile IT projects as well, including updating Wyoming Drivers Services’ revenue information system to a new environment, installing inmate wireless solutions at all five Department of Corrections facilities to support educational and reformational programs, and launching a new all-encompassing platform for operations within the Wyoming Liquor Division. There have also been several health and human services successes, including reworking routing processes for family assistance programs to drastically cut application processing time, modernizing the Comprehensive Child Welfare Information System, improving the exchange of information between child-care providers and families, revamping the Behavioral Health Management System, and implementing multiple Medicaid modules.
B- STATES
Kentucky
CIO: Ruth Day
Kentucky’s digital front door, Kentucky.gov, quantifies the online services that are getting a lot of traction from residents on its home page. Residents go online to do things like keep professional licenses up to date and register businesses. The state lists hundreds of services available to Kentuckians, with links to many local government services as well.
This year, the Commonwealth Office of Technology under CIO Ruth Day will take a major step in its data management work. They plan to implement a master data management system to enable streamlined data governance across Kentucky. The commonwealth also continues to move toward more transparent operations, in part by easing access to open records through internal process improvements. Other plans in the works include $20 million in legacy system replacements and an upgrade to Kentucky’s wired infrastructure, which will cost nearly $13 million over the next two years. Another big-ticket project now underway is a modernized social assistance management system for the Kentucky Department for Community Based Services. Replacing this system is expected to cost $30 million.
South Dakota
CIO: Madhu Gottumukkala
South Dakota’s CIO shakeup this year — it recently welcomed aboard Madhu Gottumukkala to lead the Bureau of Information and Telecommunications (BIT) — has come at a time when the state is pursuing several large IT projects. This work has largely been driven by the IT Modernization Fund, which elected officials have supported with millions in budget allocations.
Among those projects is a multiyear effort to modernize its 35-year-old enterprise resource planning system, which handles more than 4 million accounting transactions each year. With a contract for a cloud-based system, the state aims to integrate disparate systems, speed up transaction time, automate processes, enable single sign-on and open the door to other improvements across the enterprise. Following up on that project, the state is also seeking to replace its human capital management system as well as identity and access management technology. Separately, it’s engaged in a push to expand the use of .gov web domains across the state. An accounting software replacement at the Department of Labor and Regulation and a trauma registry project at the Department of Health are also in the works.
As BIT seeks to strengthen its relationship with other agencies through agency CIOs, it is also keeping an eye on AI, publishing guardrail documentation and seeking to better understand how vendors are using the technology.
C+ STATE
Alaska
CIO: Bill Smith
Alaska continues to make progress on some major IT projects that will set the state up for success, having completed a big cloud migration project that saw 70 percent of state applications move to the cloud. The state has data centers in both Juneau, the state capital, and Anchorage, which offer both on-premise and cloud-hosted services. There are also three other data centers in the state and one in progress.
CIO Bill Smith says that Alaska’s new cloud-based model will allow the state to realize benefits from artificial intelligence. To that end, the central Office of Information Technology has work groups focusing on AI governance, security and ethics, and agencies are working on proofs of concept to put the new technology to use.
Getting broadband across Alaska’s vast landscape, much of it rural, remains a huge undertaking. While many rural Alaskans have had Internet access via Starlink satellites that became available in late 2022, efforts are underway to get cable connections to far-flung areas. For example, construction was completed in May 2024 on a cable landing station in the Aleutian village of Akutan as part of the Aleutians Fiber Project. Residents now have access to high-speed Internet from GCI, the state’s largest telecommunications carrier. Other towns in the island chain are already hooked up to the 800-mile undersea cable. The project was funded in part by a grant from the U.S. Department of Agriculture’s ReConnect Program.
C STATE
New Mexico
CIO: Manny Barreras
New Mexico has continued to see leadership changes over the past two years, including the September 2024 appointment of Manny Barreras to the CIO’s office. The role had been held in an interim capacity by CISO Raja Sambandam since Peter Mantos left in June 2023 for a new position in the governor’s office. In that time, the Department of Information Technology continued to push forward with work to expand broadband to unserved areas and push for better cyber protections statewide. In 2023, the CISO put in place an attack surface management system and multifactor authentication for identity verification, and also worked to create a security operations center. Plans for 2024 include annual cybersecurity awareness certification statewide.
In 2024 New Mexico was approved to get $675 million to expand broadband access from the federal Broadband Equity, Access and Deployment Program; a final proposal to use those funds is due to the National Telecommunications and Information Administration by 2025. Additionally, the Office of Broadband Access and Expansion announced in August 2024 that it had awarded more than $40 million to Internet service providers, telecom co-ops, pueblos and a tribal company to expand broadband access as part of the Connect New Mexico Fund.
In other areas, Gov. Michelle Lujan Grisham released an executive order that New Mexico would need to transition to a fully electric vehicle fleet within 12 years. The state is also working on a one-stop business portal and in February 2024 updated its statewide IT pricing agreement. Plans are in place to upgrade public safety communications equipment with digital solutions by 2027, as well as to implement a statewide public safety radio network.
