Letter to the editor

I have several thoughts in response to your editorial titled "From the ground up."

First, the National Association of State Chief Information Officers is not composed of state security officers. In fact most states do not have a designated security officer, they have designated security contacts that do that job in addition to everything else. NASCIO, to its credit, has been attempting to fill the gap, but security is an add-on, not a priority — and rightly so given the organization's mission.

Second, it is anticipated that the national cybersecurity strategy will not address state and local government issues. This has been one of the weakest links in the proposed strategy.

This past year, Colorado created an IT risk management division within its Office of Innovation and Technology (www.oit.state.co.us). This division houses the information security and privacy functions and is dedicated to managing and mitigating IT risk. This is a model that all levels of government should emulate, including the federal government.

In the meantime, the main issues holding up effective security/privacy initiatives in this country are leadership, governance and dedicated resources. To seriously address IT problems, security officers need enforcement and compliance authority and dedicated resources.

To date I know of no state that has the proper tools to do the job. And quite frankly, we must think outside of the box and be prepared to create innovative governance structures if we are going to deal effectively with cybersecurity and cyberwarfare.

No information security officer can successfully monitor his facilities, man the stations, investigate intrusions and try to figure out who's on first all at the same time.

Valerie McNevin


We welcome your comments. To send a letter to the editor, use this form.

Please check out the archive of Letters to the Editor for fellow readers' comments.


  • Workforce
    Shutterstock image 1658927440 By Deliris masks in office coronavirus covid19

    White House orders federal contractors vaccinated by Dec. 8

    New COVID-19 guidance directs federal contractors and subcontractors to make sure their employees are vaccinated — the latest in a series of new vaccine requirements the White House has been rolling out in recent weeks.

  • FCW Perspectives
    remote workers (elenabsl/Shutterstock.com)

    Post-pandemic IT leadership

    The rush to maximum telework did more than showcase the importance of IT -- it also forced them to rethink their own operations.

Stay Connected