Talkin' SaaS
Talkin' SaaS brings you in-depth interviews with proven regulatory leaders, from state government staff to private sector authorities. Take away practical solutions for your current regulatory challenges.
Talkin' SaaS
Top Priorities for Your State CIO with NASCIO's Alex Whitaker
GL Solutions’ Sam Hardin interviews Alex Whitaker, Director of Government Affairs for the National Association of State Chief Information Officers (NASCIO), about NASCIO’s 2025 Federal Advocacy Priorities. Whitaker unpacks all five priorities, from cybersecurity grants to artificial intelligence, with thorough explanations and real-world examples. He also shares what he calls the biggest issue facing state and local governments.
NASCIO’s 2025 Federal Advocacy Priorities: https://www.nascio.org/government-affairs/federal-advocacy-priorities/
GL Solutions helps governments run, grow and adapt. For more information about GL Solutions and our modernization service for regulatory agencies, visit us on the web at www.glsolutions.com. Or connect with us via Facebook, X or LinkedIn. Reach our host, Sam Hardin, at hardin@glsolutions.com or on LinkedIn. We look forward to hearing from you.
Sam, welcome to talkin SaaS. Brought to you by GL solutions. Talkin SaaS is your source for the inside scoop on software as a service, featuring interviews with proven regulatory leaders from state government staff to private sector authorities, and commentary in conversations that deliver practical solutions for your current regulatory challenges. Thanks for listening, and don't forget to rate, review, Subscribe and follow wherever you listen to podcasts or at geo solutions, and be sure to send us feedback by clicking on the send us a text link just above the episode description and your favorite podcast app. And now here's your host at talking SAS, Sam Hardin show.
Sam Hardin:And if you could start off with just, you know, letting us know who you are and what you do, and that'd be great.
Alex Whitaker:Yeah, absolutely. Well, thanks so much for having us on. Really excited to be here. And we also host a podcast at nacio. So when I say things like that, I really do mean it. It's so great to be able to be on another podcast and be on the other side of the table. Yeah, but I'm Alex Whitaker. I'm the director of government affairs and strategic partnerships at the National Association of State chief information officers. And I'm happy to delve into what that very long acronym is in a minute. But again, I'm our government affairs director, so everything, sort of federal advocacy, sort of federal relationship management and representing our state chief information officers, chief information security officers and chief privacy officers in DC, falls under my purview.
Sam Hardin:Thank you for that. Yeah, so, so why don't we dive a little bit into nacio? So when we're talking about CIOs, and you listed off some other acronyms there, we're talking about high level, you know, security, information technology, things like that at the state level. So if you could just just dive into that, just a little bit.
Alex Whitaker:So we represent when I say, you know, the Chief Information Officer, Chief Information Security Officer, those are kind of like the state enterprise architecture level, CIO. So it's not necessarily the CI or the so at your state's department of energy, but it's the one who is often in the governor's office or appointed by the governor, what have you, who is responsible for all those technology issues in the state, be it procurement, be it cyber security, the things that we're getting into and We'll talk about today, federal funding for for state security efforts and technology efforts and cheap private and privacy issues and all those sort of things. So those are the folks that we represent. And like I said, I do government affairs. We have a lot of other things that we offer our members as well. We have policy papers and webinars and all kinds of things that we put out and convene among our state members and our territory members. I also, before this, I worked at National Government Association, so I never want to forget our territories as well. Yes, and and so we represent them and work for them to help them accomplish the the mission of their office.
Sam Hardin:Yeah, thanks for that. That explanation there. Okay, so let's talk a little bit about you guys put out the federal advocacy priorities. You put this out yearly. It looks like it's a it's kind of a collection of you know, information, things that are coming down from on high, from the federal government, that you guys see, that you want to provide information and background and and recommendations on. So can you kind of talk about what the federal advocacy priorities, what that is for you guys, and kind of that process?
Alex Whitaker:Yeah, absolutely. So, yes, this is a yearly, you know, document, I guess is the best word for it, but a yearly package of priorities that we put out and we have for longer than I've been here. Actually, I celebrated my three years at I think a day or two ago. So thank you. Yeah, nasty is great place to work. Quick, nasty plug. Yeah, every year we put out a list of federal advocacy priorities that help guide our government affairs, interactions with Congress and federal agencies. The list is not long. We only have five priorities. That does not mean that that's all that we do, but we pull, we sort of pick the things that it's sort of a combination of things. What the federal government is likely to discuss, be that through legislation or regulation. Is it, you know also, is it when it comes to the Hill, is it bipartisan? Is that a chance to move? Is it bicameral, and is this something that's going to be relevant to our CEOs and CISOs and membership? So this year, you know, if you'd like, I can go ahead and listen. I know we're going to talk about them individually, but the list did not change. We kept the same five from last year. And I think that's partly because, you know, it's not that things don't change much year to year in DC. They certainly changed a lot this year, but these are the issues where we kind of still think things are going to be moving that are important, what have you. So the five that we've got this year, and I'll be I'll be succinct here, because we'll talk about about it more later, but it's improving and encouraging the adoption of.gov domain for states and local. Governments. It's supporting the state and local cybersecurity grant. It's strengthening the state cyber workforce. It's issues related to artificial intelligence, and it's also you have one about harmonizing cyber security regulations. So those are kind of the five things we're focused on this year, and they're informed, like I said, by what's going on in DC, but it also goes the other way too. It's informed what's going on in the States. And we want to highlight, especially when it comes to state side, workforce and artificial intelligence, what's going on at the state level, to our federal partners.
Sam Hardin:Yeah, absolutely, like you said, there's only five there, but there's a lot to unpack with those five. I mean, it's, you know, as I was reading some of you guys recommendations and what you guys put out. It's like, oh yeah, there's a lot that, you know, if you're not in it every day and exposed to it, you don't always think about this stuff. And that kind of leads me to the first item, which is the.gov domain. Yeah, when I was reading that, I was like, I just thought that would have been taken care of, and that would have been everybody's using it. And I just really, you know, that's something that I think is really important for security purposes. But like, I just, I just kind of figured everybody that I talked to, whether it's in state or federal government, has a.gov domain that, yeah, that, you know.
Alex Whitaker:Well, you are, it is very reasonable that you would think that, because that is what we want everyone to sort of go towards. I will say that, you know, the feds are there most kind of, again, at the Enterprise Architecture level in the States. I can't think of any exemptions, but most of the states are all there. There may be some agencies that don't have it for whatever reason. Maybe they kind of are legacy then, and they have a website, perhaps for tourism or what have you. Yeah, that they want to keep that. But generally, the states are where we really see a challenge is local governments. And there's a few reasons that local governments haven't adopted.gov one, I think, is in from is kind of the information issue and just sort of not knowing that it's an option. So I'll give you for an example. I think I was at a National League of Cities event a couple of years ago, and we're talking about.gov and how great it is, and a city council member stood up and said, you know, that's great. You know, my city, we just all went to.org isn't that great? And we said, Well, we appreciate the motivation, but you still got another stuff to go and, and that's not to, you know, embarrass that city council member. It's because, you know, I get it. It's sort of, you don't know all the time about.gov I think sometimes, too it's an issue of being a little concerned about, you know, associating a service or something with the government. You know, we have a lot of states, and folks in local areas are a little bit stressful the government. So there may be a practical reason to not want to go to.gov and in the past, it's been cost, but nacio has advocated and really helped to eliminate the cost of adopting.gov there's now no fee for it. So there's a lot of reasons why local governments are not adopting or have not adopted.gov and we get all those reasons we respect them. You know, nacio does not come in heavy handed on this stuff, but where we can, we want to explain, you know, why it's important. Because, you know, we've really seen it is one of the absolute most effective and easiest ways to prevent fraud, to safeguard user data, what have you so, so we are always going to be pushing.gov as long as we can.
Sam Hardin:Yeah, it's kind of like, let's provide the information that supports the reasoning behind going to it, you know, like, I think you said it great. It's like, we're not bringing down the heavy hand, but like, hey, check out this information. It's pretty important. And that should probably kind of turn people to be like, Oh, I see now, yeah, I think you're kind of right on that. It's just the, it's kind of just the you don't know what you don't know. And then exactly once somebody puts in front of your face, you're like, Okay, got it. So this might be a silly question, on on, on my side, and this kind of just shows my my ignorance on this subject a little bit. But like, so who maintains? And if you don't know, I recognize I'm getting a little bit into the weeds here, but who maintains, like.gov security and stuff like that?
Alex Whitaker:So like for these people that are looking at that, like what that is run out of CISA. And so our friends at CISA, they have responsibility for.gov some really great folks over there who maintain and oversee this program. It was at GAO, but it moved over to CISA a few years back. So CISA is kind of the, they're the folks to get in touch with if you want to do.gov adoption. And they, again, like I said, they've got some really just outstanding folks who maintain this. They're the ones who kind of go to go in and maintain the databases to tell you what's available. And you know, how to, how to get your, you know, get everything sort of up to date and squared away with your addresses. So we're also always sort of advocating for funding, not just for CISA, for a number of reasons, but also for the.gov adoption section, because they do such a great job of maintaining and developing this so so CISA are the folks who are are really helpful in keeping. Dot gov go in, and I think they've recently received some plus up in funding and have hired some new full time employees. So we're really happy with that.
Sam Hardin:Yeah, absolutely. And just to get for those that don't know that it's a cyber security and infrastructure security agency.
Alex Whitaker:Please. That's a terrible DC thing.
Sam Hardin:Okay, so let's talk about on the topic of funding. Let's get into the state and local Cyber Security Grant. I know that was one of the topics as well. So I'm fairly certain it's pretty obvious. But, you know, let's, let's stake it here right now that the growing importance of cyber security across the country. I mean, it's a huge deal. It looks like, from from your guys's report that there is, there's some money here that's kind of come from the federal government through what was it, the the infrastructure investment JOBS Act, or the correct, I've heard it referred to as the i j, or the bipartisan infrastructure law. So, yeah, can we talk about a little bit that? Because, sure, one thing that's a little bit, you know, and for me that's not as familiar with what goes on in DC, like when I originally looked at this bill and what it was, you know, when it was introduced in the House, it was like for stuff that I really wouldn't apply to cybersecurity. But I think what nacio is saying is like, hey, no, it's been amended, and now there's actually money trickling down to the state level that that can be used for cybersecurity.
Alex Whitaker:Yeah, absolutely. So as you said, this was passed with ij, and it's a separate sort of little carve out program that was created brand new to focus really explicitly on state and local cyber security preparedness and really focus on local and I'll get into that in a moment. But this is a program that nacio has advocated for for years and years, and, you know, to some way get some dedicated funding to the state so that they can address some of these cybersecurity issues, because states are, you know, they're doing really well on their own. Well, they're they're taking it very seriously on their own to address cybersecurity. But, you know, certainly federal funding is something that that is really going to help, and sometimes without a specific appropriation from your state legislature, it's just not possible to do some of these improvements, kind of given the way that the the office of the CISO and the CIO are set up and that they usually they don't just have the funds to pull out to address cybersecurity. So this grant program was included in ij, and it's a billion dollars over four years, with the majority of the money. Gosh, the numbers are almost alluding me at this point. I'm so into it, but I think it was about 80% was supposed to go to the locals. Now the local money to local entities, and that can be so the way that NASA has advocated to spend this money, and CIS and FEMA have been mostly fine with this, is that states are often getting the money from the federal government and then providing services to local government. And this is where we bring in.gov again. One of the services can be helping local governments do more.gov adoption, or it could be assessments or training or what have you. So it's a way that Congress has really tried to put some money down to the local level to improve cybersecurity. And so that's the, that's the quick sort of overview. But let me stop there and see if there's any questions or anything else I might be able to elaborate on.
Sam Hardin:That's good. That's interesting, that it's, it's like, I would have thought it was just money, just directly to, like, update the infrastructure. And so maybe it is, maybe I'm so maybe that is my question. It's like, Is it money directly going to, you know, hey, ramp up this, the cyber security infrastructure, or is it more? Because you kind of mentioned services. So I just wanted to clarify, like, what?
Alex Whitaker:It's, it's kind of both. So okay, states are taking kind of a hybrid approach with this money, because, again, the money has to, ultimately, 80% go to the locals, to local governments, but, but there's two paths that you can well, three, really, two, three paths you can get there. One, you could just write a check to local governments that apply. But what we've seen in that, in order to maximize this funding, you know, if you just write a check to every local entity. I mean, that could be hundreds of local entities, and then at that point, as one of our CIOs jokes, and says, that's, that's basically a t shirt that says, Don't forget to update your password, right? It doesn't really, it's not really the way to maximize the money. Totally. Yeah. So there are some states that are writing substantial checks to individual. Local entities, but, but they might also be providing services as well. Most states are doing kind of a hybrid approach, so they'll select a few local governments that apply and provide the money for X services and but yes, you know, infrastructure is also something that's, that's applicable or allowable under the money. So it's, it's kind of states are getting a lot of leeway and local governments to decide how to use this funding. And we've already seen, I mean, there are all kinds of wonderful success programs that we can point to. Again, going back to.gov New Hampshire has this awesome program that they've they've stood up using state and local cyber security grant funding. That is, they call it.gov in a box. So you your local government, you sort of apply, and you get all the tools that you can get your city over to.gov pretty quickly and efficiently. And they're using state and local cyber security grant money for that. And we've seen a lot of other examples, too, of states being able to improve their cybersecurity posture. And I can't always go into all the details, but you know, they are finding very, you know, examples of intrusions and preventing cybersecurity attacks, and they can trace directly back to that state and local cybersecurity grant money. So it's a really effective program, and we hope it's continued, and I'm happy to speak about that as well, yeah, well, yeah.
Sam Hardin:And I'm glad that you elaborated, because that once you started explaining it, it made way more sense to me that it's like, yeah, just writing a blank, not a blank, but, you know, writing a check for, you know, a state or local government saying, hey, go figure this out. Like that, I could definitely see how that might not always be the most you know, responsible way to do that, like there might be state or local governments that that need the support, whether it be through the services or even just here's how you would do this. Here's you know, how you determine whether it's effective or not. Like some of those tools are also absolutely necessary in this realm, when we're talking about cybersecurity. So thank you for explaining that initially.
Announcement:Technology evolves at warp speed. If you're not using tools that keep you ahead of it, you'll be stuck in a cycle of chasing progress and constantly falling behind. GL solutions helps government agencies run, grow and adapt, keeping them ahead of the curve. GL solutions, customized software solutions for government agencies will help you modernize, digitize and automate your regulatory software systems and increase your agency's capacity to serve the public. Since its founding in 1999 GL Solutions has been innovating and evolving its regulatory agency software and related services today, GL suite is driving agency transformation by digitizing operations for scores of local and state government agencies and departments nationwide, including human services departments, medical, dentistry, chiropractic and pharmacy boards, gaming and gambling control boards, firearms licensing agencies and more. Don't let evolving technology leave your agency behind. Let geo solutions empower you to run, grow and adapt to the future, to begin transforming your agency and to learn more. Visit glsolutions.com today.
Sam Hardin:That seems kind of interesting, but then I'm like, no, they, they would need support on that, especially, you know, when we're reaching down to those levels, so awesome. Thank you so much for that well, and so, yeah, go ahead and talk about, like, the continued support.
Alex Whitaker:So that, you know, the the program itself was, was, sorry, was, you know, outline for four years. So we are coming up on the end of the program under i j so nacio is very much, you know, we're very clear that we'd like to see this program reauthorized in some way. You know, we were certainly open to changes and ways to make it better, but we really want to make sure that it's continued. Additionally, though, we've had a conversations with with folks on the Hill about making sure that that last year of funding is also not targeted for any callbacks. Because, you know, so we so we see this money is very important. We want the program to continue. And I think there's a couple of reasons why I want to sort of point to the successes too. Because we have, you know, we've got metrics to say, okay, X governments have adopted.gov or presented X attacks, or what have you. But there's a couple other metrics that we think are really important too, that are a little harder to quantify. One of those is just the relationships that have been improved between state and local governments when it comes to cybersecurity, because the plan requires that these entities talk to each other. So you have folks in the states and the local governments who have never spoken to each other before, but now they get on the phone and they have meetings together to really talk about why this stuff is important. So that's one thing. The other thing too is that states are really desperate for stability with this program, because they don't want to create things that need that are going to need funding in years five, six and seven, if they they see that it's not there. So. So that's what's really important, to give some certainty and stability to cybersecurity grant funding. Because I think there unfortunately are some folks on the Hill who say, Look, you know, we passed that grant program. Didn't we fix cybersecurity at the local level? Well, you know, of course. So you know, that's what nasty is doing, and we want to just be out there to make sure that folks know, hey, this is a great program. However, it's continued, whatever it's called, we want to make sure that it stays out there, because we've seen so much success with it.
Sam Hardin:Yeah, it's certainly not a one and done type of thing. So yeah, that's that's not the approach we want to take. Yeah. Well, awesome. Okay, well, let's move on to the next one. The next one I had on my list is strengthening state cyber workforce. So I know, I know, personally, just working with with state agencies and departments, this is, this is something that I hear kind of continuously, and a lot is, is at the state level, even, you know, turnover and people leaving the industry. So it seems like that's also something at the federal level that people are talking about and trying to look to support, how do we strengthen the cyber workforce?
Alex Whitaker:Yeah, so this one is especially, you know, it's, I joke that we'll probably have strength in the state cyber workforce up there. I mean, we could probably have it for the rest of nasty as existence, right? Because there's just always going to be these kind of challenges. And at the state level, you know, we know that we cannot ever really compete with with the the big tech companies when it comes to recruiting tech workers, and frankly, sometimes we can't even compete as much with the federal government. But yeah, states are, you know, wonderful places to work, right? I mean, there is so much that can be done, especially if you're kind of a young person coming right out of college. So what we like to do is just make sure that our federal partners are aware of things that states are doing to attract folks, and make sure that they know that there are solutions at the state level as they consider the same problem at the federal level. Because even though at that point, the states and the feds are competing for the same workers. It's all kind of the same goal, right? And that's to improve, increase and improve the state of the cyber workforce. So you know, what we're requesting from the federal government is just to make sure that incentives that are available to agencies to hire at the federal level are also being afforded to state workers to be those scholarship programs or what have you. So yeah, it's really just sort of saying, hey, here are the ways that states are combating these state workforce challenges. And also don't, don't forget about states when you are coming up with solutions. So that's kind of the two big things that we say when it comes to workforce.
Sam Hardin:And can you kind of elaborate on some of the things that that you know, federal and state are doing to to incentivize workers in this area?
Alex Whitaker:Yeah, absolutely so. One, I think that, especially at the state level, that's, that's so great, is training, particularly for younger people. You know, states are under no illusion that if they hire somebody out of out of college, that they're going to have that person for a 20 year career, right? Like that's that's not reasonable, but they may have them for two to four and which time they can train these folks up, get them a lot of experience, and then, in return, they're getting some some really dedicated and really motivated young workers to address a lot of the cybersecurity issues that they're that they're undergoing. So that's one thing, and also telling people who may not be necessarily salary motivated, but they want to come to a place to work that really makes a difference. And state governments are certainly a place where that can happen. So those are some of the things that we look for when we're trying to incentivize workers, but in terms of kind of making it easier to hire, and that sort of thing doing some things that the feds are also doing, but that's modernizing job titles, right? I mean, if you go into a state HR listing, sometimes you you need another dictionary to, yeah, okay, yeah, yeah, yeah. You know, it's just, it's impossible, you know, how do you how do you say, you know, what's a data analyst for a state job that has, like, you know, it's passed by statute what to do in the posting. So that's one of the things too. You know, not always as much to do in terms of financial incentives. You know, states are limited, but there are ways that you can increase the worker pool. A lot of states are also looking at, you know, this is not always the most popular, given the current climate, but making sure that remote work is an option. So yeah, those are kind of some of the ways we're incentivizing. You know, it may not be salary, but there are a lot of other things that states can and are doing to attract great workers.
Sam Hardin:Yeah. I mean, the mission is so important, you know, to serve the public, whatever you know, jurisdiction you're in, at the state, local, federal, it's such an important mission. And I think something that you touched on too, that that I noticed is, yeah, there, it's kind of outdated a little bit in the in the directories and and so it would be really helpful for these job titles to be updated and to be relevant in today's marketplace. You know that for those younger, you know, out of college, people to be able. Say, Yes, this is what I want to do, and this is a great stepping stone. So I think those are great ideas. I mean, I you know, I think that will, that will really help and, you know, I think it's important for us as society to say, you know, this, this mission of these people and these agencies and departments, they actually serve a real purpose. I don't think anybody wants to live in, you know, a society where, you know, foster care children don't have places to go and aren't accounted for, you know. So it's like, yeah, that's really important. So, you know, the people that supporting that mission, they play such a vital role. And so, you know, I think, as I'm sure you guys are already aware, it's like just ramping up and enhancing, like, what is the mission of what we're achieving here? Like, you can really walk away and be like, I made a difference. Yeah, I think that's important to people. So, yeah, okay, well, let's talk about the last one I had on my list. And this is the, this is kind of the biggie for everybody. That causes the anxiety a little bit, also causes a lot of, you know, intriguing thoughts and and what's going to go on. But, you know, artificial intelligence, everybody's talking about it. It's all over the place, so no doubt it would end up on your list. But you know, there's, we got to be careful with AI, especially in the government realm. So you guys have it on your list. So if you could talk a little bit about what you guys are advocating for and reporting.
Alex Whitaker:Sure, yeah, yeah, no. So of course, you know, you can't have a conversation about technology without AI. So I knew we'd get to it. But yes, we added, last year, we added some language about artificial intelligence and NASA really makes two asks of the federal government, be that Congress and the Federal agencies when it comes to AI The first is to please look to the states and work in consultation with them when you were developing federal AI policy. And the reason for that is because states have not been able to just kind of wait on the Feds for when it comes to AI policy, you know, they are so close to their their their citizens, that they have to really start thinking about these things for two reasons, one, to make government services better, but two, to protect data. So states have already developed some really interesting policies when it comes to AI. Those policies kind of range from, hey, here's the cool ways we're using AI to actually, we're not using AI for this, because we're worried about state data. You know, both of those solutions, and it's not really an either or. I just use this as the two extremes. So again, that first one is saying to the federal government, hey, please look to us and work with us, because we we've been doing a lot here. The second ask is to the feds, and if you are going to create mandates, if you are going to make requirements of states, then those requirements are going to require both people and resources to execute on them. So please be aware of that. You know, don't just sort of create this sort of federal policy saying states have to do all this, but then not help them with the tools to do that. So that's kind of where NASCIO is on it, you know, again, AI policies vary so much widely, you know, between all the different entities of government that we don't really get into specifics to say, hey, AI policy should look like this or this or this. We do have some really great resources on our website. Amy Glascock at mascio runs our AI policy and we put out state roadmaps and sort of advice on hiring an AI person. So so we have a lot of resources that don't that are not exactly prescriptive to states, and tell you how to use AI policy, but they do sort of help you sort of to develop that policy. So that's kind of where we're at right now on it. When
Sam Hardin:I think that first point you made on AI is so important that maybe not everybody thinks about, but it's like, yeah, because the state governments are, and you said it very well, are kind of closer to the citizens. It's like they've had to, just out of sheer necessity, implement some of these AI strategies so they they're kind of a little bit more advanced, if you will, than the federal government. I think that's a really good point to make. Is that, like, yeah, there has to be that kind of, you know, bilateral loop, or, you know, kind of full circle there of the federal agencies looking to the state and then the state look working together essentially. Because I that that makes a lot of sense to me, you know, just to set a sheer necessity, they've probably had to address some of this stuff a little bit quicker than than the feds have.
Alex Whitaker:And the other thing too, I'll say, is that, you know, we we're concerned sometimes about the amount of data that private companies have for us. But you know, state agencies in your DMV have more data than on you than than anyone does. And I don't say that, Oh yeah, to scare anyone about. But it's just to be clear that, you know, states are very aware of this, and they don't want to start plugging people's user data into AI algorithms and not be very sure about what's going to happen to the data. So it's also that that as well to just to make sure that that citizens are protected.
Sam Hardin:Great point. Yeah, there. There's a lot of data out there. I can, I can attract. Us to that for sure at the state level, definitely, and then your second point. So one of the things, if, if you know who, what federal agency is kind of responsible for, is, does that go back to the CISA for, AI kind of policy, or how is that generated?
Alex Whitaker:I think it's really kind of a combination of a lot of different offices at both the federal and state level. I mean, with the federal government, you can see the Trump administration just put out their AI Executive Order, which lists a number of green. I mean, it's White House Office of Science, Technology Policy, it's OMB, it's a couple others. And then they're involved. They they have liaisons with the individual federal agencies. It works much the same at the state level. You know, you have your your governor, who may be giving marching orders to develop a certain policy, which then that, of course, pulls in the CIO. But then you've also got chief data officers, chief privacy officers, who are going to be involved in this as well. So this is very much a, I think, collaborative effort. You know, it may be top down when it comes to the president or the governor, saying, Hey, do this, but it's, it's certainly bottom up when it comes to developing what that means and how agencies and folks are going to use the information so, and it's cool to see, you know, it's, it's the DMVs are really, I think, especially really interesting when it comes to AI, because that's, you know, as we said, that is one of the most public facing state organizations, right? And so they really want to improve their efficiency, their, you know, less than their wait times, what have you. So a lot of DMVs are looking at this to say, Hey, how can we use this? But they can't develop a policy in a vacuum. They've got to talk with everybody else in the state and that sort of thing. So it's very collaborative, I guess is what I would say.
Sam Hardin:Yeah, absolutely. I think that's exactly right. I think it's going to have to be so and also too.
Alex Whitaker:I'll just quickly say that's certainly a role for the private sector too. I kind of goes without saying, but the states are working collaboratively with with the private companies who have the solutions to to make sure that they're aware the capabilities, and that private companies have a policy in place to take our user data in that thing as well, and that sort of thing as well.
Sam Hardin:Yeah, absolutely. Okay. Well, let's, let's, I want to talk about some of the conclusions, you know, I'm going to have to ask about Doge. I have, I mean, that is like, you know, yeah, the news lately. So, do you see an impact of Doge on these, on these items or initiatives that we've talked about today? And I don't need, you know, we don't need to go into, like, the intricacies and the details of it. But, you know, when I talk to to people at the state level, there's kind of this feeling of, like, what's going to happen with Doge? Is that going to be positive? Is it going to be negative? What's it going to you know, people are just kind of a little bit on, on edge right now. And I, yeah, I was thinking about, okay, these initiatives, what, what impact, if any, is Doge going to have on those?
Alex Whitaker:Yeah, no, certainly. I mean, you know, I'm not going to say that Doge is good or bad, it's positive or negative, because I think it's, it's, it's difficult to tell with, with any organization, particularly government organization, what the net impact will be. Net Impact will be, but I can say, you know, there are states that rely on federal funding and federal services for a lot of cybersecurity related initiatives and major and measures. So when you see large scale cuts to government at CISA and other places that are resulting in a reduction of staff. You know, we do have to ask, well, what is that impact going to be? You know, is it? Is it going to make it more difficult for a state cybersecurity analysis to report a breach or to confer with their federal colleague when it comes to to a cybersecurity attack? And, you know, I certainly understand the urge to streamline and improve efficiency and cost. And we've seen governors are setting up their own sort of versions of Doge for, you know, which I think are reasonable objectives, which is to identify cost savings. I just worry a little bit about the pace. I worry a little bit about kind of the slash and burn, just because we don't always know what the effects are going to be. So we'll see. You know, again, I am loath to say whether something is good or bad, but we certainly have some questions. And yeah, so we'll see that's, that's my two cents on it right now, yeah.
Sam Hardin:I mean, I think, I think that's a good point. It's like, you know, the downstream effect, are we taking that a consideration. Are we thinking about that? And then, you know, in my world, it's and your world probably too, it's like, okay, so we reduce FTEs or body count, or, you know, people doing these jobs, there's got to be something in place to support that. I. Um, you know. So you want to make sure you have the, you have the solution in mind and in play too. You can't just cut, cut, cut your weight, yeah, efficiency and streamlining, you know? Yeah, you have to have a plan to support that. And so again, I, yeah, I don't, I don't want us to get into good or bad. It's just more of like, hey, here are some considerations with, with going that route is like downstream effects. And then what? What is they planned if you have a reduced workforce? So those are some, definitely, some things to think about. I think we're on the same page there well. And so from your perspective, what do you think which one you don't have to pick one, but which one, which one of the initiatives will have the biggest impact in 2025?
Alex Whitaker:Yeah. I mean, it's, it's interesting. I it's so hard to just pick one. As you said, you know, the state and local cybersecurity grant informs a lot of not just with the grant, but it has a lot of tentacles out to other things, right? I mean, I can connect the grant to have so many other issues, even though it's not the most important funding stream for CIA office, but it just sort of it sort of is a bellwether for some other things. But, you know, we're always wondering in increase and improve the state cybersecurity workforce, AI, we'll see. And then one other you and I didn't talk about too much, and that's okay, but I'll just quickly say harmonization of federal cybersecurity regulations is really interesting, too, and and what we mean when we say there is just sort of streamlining the amount of audits that go on of state agencies, and the ability to kind of transmit data to the federal government. Just it can really involve a lot of man hours for state personnel. So, you know, we're always, we're focused on that too. So I'd say the biggest issue is not necessarily something that we've outlined in our in our advocacy priorities, but it's kind of that broader issue of what we just spoke about with when it comes to Doge and the impact and the posture of Congress and their appetite to fund more state cyber security initiatives. So I think that's kind of where the biggest things are for us right now too. You know, we we have these specific policy points, but all of those are dictated by the appetite of Congress and the administration and what have you to, you know, to help and to work with states on these issues.
Sam Hardin:Yeah, yeah, that's, that's great. And we'll also link the page to your guys' website where you list out these federal advocacy priorities. And I, I do encourage people to go check out the, you know, the regulations between the state and federal, because I do think that's really important too. I just, you know, there's so much to unpack in these items and talk about that. I was like, Okay, I'm gonna have to pick a couple.
Alex Whitaker:I love the cyber harmonization one. But if you're not as familiar with it, eyes kind of glaze over sometimes,
Sam Hardin:Absolutely. Well, alright, Alex, well, if you want to let people know, you know how they can get involved with nacio, how they can get some more of this information, where they can find it, who they can reach out to, you know, I'm sure people are really interested this. These are really important topics, so sure, yeah.
Alex Whitaker:Well, if you are, if you are a state employee, and you work for a CIO or one of those offices. You probably have access to nacio if you haven't checked that out already. But if you are not check out our website, we have a lot of materials and resources that are there, most of which are available to download for free. So check that out. That's a big way also, though, you know, if anyone ever has questions, I'm very accessible too, so my information is on our website, and always happy to chat more about kind of federal priorities and that sort of thing.
Sam Hardin:All right. Well, thank you so much, Alex, your wealth of information, and I appreciate you being on and talking through these items with me.
Announcement:Thanks for listening to this episode of talking SaaS, the podcast of GL solutions. We'd love to hear your thoughts about today's topic and about the podcast in general, reach out to us by clicking on the send us a text link right above the episode description and your favorite podcast app via our contact page at GL solutions.com forward slash contact, dash us or on Facebook and x at GL suite. And you can also connect directly with Sam Hardin and GL solutions on LinkedIn, if you'd like to stay up to date on the latest news and solutions for regulatory agencies, click the subscribe link at geo solutions.com appearance on The Talk and SaaS podcast does not constitute an endorsement of goods or services. The talk and SaaS podcast is copyrighted by geo solutions. All Rights Reserved any redistribution or reproduction of part or all of the content is prohibited without express written consent from GL solutions. The talk and SaaS Podcast is a production of GL solutions and is produced in association with left brain right brain marketing. You can learn more about GL solutions at GL solutions.com and left brain right brain marketing@lbrbm.com you