Letter to the editor

I have several thoughts in response to your editorial titled "From the ground up."

First, the National Association of State Chief Information Officers is not composed of state security officers. In fact most states do not have a designated security officer, they have designated security contacts that do that job in addition to everything else. NASCIO, to its credit, has been attempting to fill the gap, but security is an add-on, not a priority — and rightly so given the organization's mission.

Second, it is anticipated that the national cybersecurity strategy will not address state and local government issues. This has been one of the weakest links in the proposed strategy.

This past year, Colorado created an IT risk management division within its Office of Innovation and Technology (www.oit.state.co.us). This division houses the information security and privacy functions and is dedicated to managing and mitigating IT risk. This is a model that all levels of government should emulate, including the federal government.

In the meantime, the main issues holding up effective security/privacy initiatives in this country are leadership, governance and dedicated resources. To seriously address IT problems, security officers need enforcement and compliance authority and dedicated resources.

To date I know of no state that has the proper tools to do the job. And quite frankly, we must think outside of the box and be prepared to create innovative governance structures if we are going to deal effectively with cybersecurity and cyberwarfare.

No information security officer can successfully monitor his facilities, man the stations, investigate intrusions and try to figure out who's on first all at the same time.

Valerie McNevin


We welcome your comments. To send a letter to the editor, use this form.

Please check out the archive of Letters to the Editor for fellow readers' comments.


  • Comment
    customer experience (garagestock/Shutterstock.com)

    Leveraging the TMF to improve customer experience

    Focusing on customer experience as part of the Technology Modernization Fund investment strategy will enable agencies to improve service and build trust in government.

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

Stay Connected