How states can improve cybersecurity on a budget
October 19, 2017
Commentary: Isaac Kohen, CEO of Teramind, says some of the biggest threats come from inside the organization and provide an accessible opportunity to tighten the perimeter.
After a few weeks as the state's leading technology official, Eric Boyette shares his outlook for North Carolina's IT future as one of opportunity and partnership.
Colin Wood is the managing editor of StateScoop. Before that, he was a staff writer for Government Technology magazine. Before that, he taught Engl...
Procurement, cybersecurity and innovation will be the three mainstays of North Carolina's technology portfolio under its new chief information officer.
State CIO Eric Boyette, who replaced Keith Werner in April, said he's not necessarily planning on doing different projects than his predecessors, but that his approach would be a little more "hands on." Boyette, has an intimate knowledge of the state government's inner workings, having started in 1995 as a traffic technician at the Department of Transportation and moving on to serve in nearly a dozen other positions. As he transitions into his new role with the Department of Information Technology (DIT), Boyette said he's looking forward to solving some of the problems that were frustrating the staff before he arrived.
"We really want to improve our procurement process," Boyette said. "The vendors and our agencies are frustrated, as well as our internal staff. So we really want to work on what can we do improve our procurement processes and how can we leverage some things now without any kind of general statute change."
Boyette said DIT is now collaborating with the budget office and the Department of Administration to come up with a solution. One piece already implemented is the increased use of cooperative agreements that allow the state to buy from a list of prequalified vendors maintained by the federal General Services Administration. That speeds the process up, Boyette said.
"We're using it right now for cloud," he said.
Cybersecurity has always been a priority, Boyette said, but with the recent WannaCry scare, North Carolina is emphasizing more than ever how important it is. Partnerships can help, Boyette said.
"We're trying to partner with other agencies, like our emergency management group here and our law enforcement community," Boyette said.
The North Carolina Innovation Center — a space for testing new technologies, driving cultural change, training employees with new skills, and encouraging operational improvements — will retain its high priority status under Boyette. As with cybersecurity, Boyette said one of his office's goals is to create new agency partnerships around the Innovation Center.
"We want to make sure that what we have in the Innovation Center is something the agencies are looking to produce and something they have a need for," he said.
Chat bots, blockchain, and smart data centers are emerging technologies the state is also looking into, he said. In all of those areas, "partnerships" is his keyword again.
"The big thing for me is I want to create a stronger interagency collaboration," Boyette said. "I want to make sure we're listening to the agency, which is basically our customer right now. So that partnership is really important to me."
Technology in North Carolina state government is partially centralized. The state began a process of centralizing its IT disparate components last year and has since consolidated several agencies. The budget allocation that prompted the consolidation did not include a timeline, and Boyette said that's a good thing.
"We are still reviewing that process and what we need to do to go forward and make it a successful IT agency and also successful agency statewide and not break the business," he said. "It's just at our pace and we're making sure we do it well."