Florida is poised to overhaul how it manages its information technology following the state legislature’s passage last week of a bill that will combine two existing agencies responsible for IT governance and telecommunications into a single entity. When signed into law by Gov. Ron DeSantis, as expected, it will make official the third time since 2005 that Florida has done away with its IT agency in favor of a new structure.
Under the bill, the Agency for State Technology, which provides unified management of most IT functions, including cybersecurity, will be combined with the telecommunications division of the Department of Management Services, which controls the state government’s data center, phone system, wiring and cabling and video conferencing. In the two old agencies’ place will be a new Division of State Technologies, headed by a chief information officer who will report to the secretary of Management Services.
DeSantis, a Republican elected in 2018, first suggested dissolving AST in February. The agency was only created in 2014, two years after Florida closed down the Agency for Enterprise Information Technology. That office, in turn, had been created after the 2005 elimination of the Florida State Technology Office.
But unlike the two-year stretch between 2012 and 2014 when Florida had no centralized IT authority, the new agency will become active when the new fiscal year begins July 1, AST spokeswoman Erin Choy said Wednesday.
The CIO role, though, has been vacant since January, when Eric Larson, who had been in the job since 2017, resigned following DeSantis’ inauguration. Choy said the merger will be overseen by Heath Beach, the director of the current telecommunications division. While the bill merging IT agencies does not propose any specific cuts to AST’s existing 203-person workforce, Choy said the new blended agency will find “efficiencies.”
“The governor is interested in creating a larger and stronger technology agency, which will involve streamlining a majority of IT functions,” she said.
The overhaul also includes a few changes to the state’s IT policies. Choy said Florida’s agencies will adopt a “cloud-first” approach to procurement, requiring them to consider technologies that do not require additional hardware maintenance or add strain to the state’s data center. The bill also creates a new Florida Cybersecurity Task Force charged with assessing the state’s information security posture. The task force will include the eventual CIO, Lt. Gov. Jeanette Núñez, Chief Information Security Officer Thomas Vaughn and other members appointed by the governor, the leaders of the state legislature and the head of the Florida Department of Law Enforcement.
Before this latest reorganization, the state legislature had attempted to gut AST and do away with centralized IT functions almost entirely. A bill passed in 2017 would’ve eliminated the agency in favor of a seven-person office with no purchasing power and struck the word “enterprise” from the Florida state code. That bill was vetoed by then-Gov. Rick Scott, who called it “inflexible” and “overly prescriptive.”
Choy said the new bill headed toward DeSantis’ desk — which contains several mentions of “enterprise” — is much better policy than the 2017 bill.
“It makes sense to combine efforts and merge agencies,” she said.