This week, the National Association of State Chief Information Officers (NASCIO) released it annual State CIO Top Ten Policy and Technology Priorities list for 2026, signaling where state technology leaders are focusing their efforts, and limited resources, in the new year. This year’s list is reflective of the current policy, priority, and funding shifts that have affected SLED agencies most, coupled with the apparent drive towards innovation and modernization.

On December 11, 2025, President Trump signed a new executive order that could reshape how AI is governed in the U.S. This executive order titled “Ensuring a National Policy Framework for Artificial Intelligence,” aims to limit the ability of individual states to enact their own AI regulations, thereby establishing a unified and “minimally burdensome” approach to AI policy nationwide (up until this point, there has been a patchwork of state-level AI regulations).

The One Big Beautiful Bill Act (OBBA), enacted on July 4, 2025, is a significant piece of legislation outlining President Trump's executive agenda and guiding future U.S. tax and spending policies.

On July 23, 2025, the Trump administration released an AI Action Plan, highlighting 90 federal policy directives across three key pillars: Accelerating Innovation, Building American AI Infrastructure and Leading in International Diplomacy and Security. The Plan also supports the tenants of the President’s earlier January 23, 2025, Executive Order 14179, “Removing Barriers to American Leadership in Artificial Intelligence.”

The Samosa Act, a bipartisan piece of legislation which passed the House in December 2024, has been reintroduced in the senate after advancing through the Senate Homeland Security and Governmental Affairs Committee in May 2023 but failing to reach the Senate floor for a final vote.

The 2025 fiscal year-end is right around the corner for 46 states, which means that it’s time to take advantage of those end-of-year opportunities before they are gone. SLED decision-makers are already looking ahead to next year’s budget process and are working to identify the most pressing technology policy and priority areas that will shape future downstream requirements.

The State Risk and Authorization Management Program, also known as StateRAMP, is slated to rebrand itself to “GovRAMP” later this year to more accurately reflect the entire scope of the nonprofit’s mission and support the “whole-of-state” approach to cybersecurity. 

Adhering closely to the U.S. federal government’s top legislative priorities for 2022, state chief information officers (CIO’s) have once again ranked cybersecurity as their top priority for 2022, following an already established decade-long trend in this direction.

Election security is a big topic, but it resembles a many-legged centipede. Federal contractors face the reality that elections are the purview of state, county and municipal officials. The technical and managerial abilities of these entities vary from what you might expect in a tiny hamlet to what you might encounter in a million-person suburban county.

Although state and local technology leaders are increasingly prioritizing cybersecurity in their operations, government has a long way to go in securing critical information and systems from cyberattacks.

In light of this struggle, Route Fifty, in partnership with CrowdStrike, recently hosted a webcast that showcases the work of state and local governments who have undergone a transformation in cybersecurity protocols – and the challenges they continue to face.