Cybersecurity

How ‘Star Trek’ explains the modern state CIO’s cybersecurity role

Delaware CIO James Collins compared an increased focus on cybersecurity in states to an important, but sometimes unappreciated role in the sci-fi franchise.

By Benjamin Freed

October 23, 2019

A model of the Starship Enterprise sits in the National Air and Space Museum. (Flickr / Kai Schreiber)

As recently as five years ago, barely 30 percent of statewide chief information officers reported directly to their governors, a remnant of an era in state government that still placed at least one or two levels of administration between a state’s top IT official and its chief executive. Today, all state CIOs are appointed by their governors and more than half enjoy cabinet-level status.

The change agent, Delaware CIO James Collins said in Washington on Wednesday, has been an expanding focus on cybersecurity as the top priority of state IT agendas. In the span of just a few years, Collins said, he and many of his colleagues now find themselves working alongside homeland security advisers, National Guard adjutant generals and election officials as information security pervades just about every function of government.

It’s a change that Collins suggested makes sense, considering most constituents are more concerned with receiving services efficiently, rather than the inner workings of siloed-off agencies.

“The people don’t see us as branches and divisions and sections,” Collins, who recently completed a one-year term as president of the National Association of State Chief Information Officers, said at a cybersecurity briefing for congressional staffers held by NASCIO, the National Governors Association and other groups representing state officials.

Collins said an easier way of explaining how cybersecurity has raised the profile of the CIO role in state government can be found through an analogy with “Star Trek.” Previously, CIOs were looked to mainly as tech support, while big decisions about government policies were made by officials without much consideration for the technological ramifications.

“I felt like I was down in engineering while [Captain] Jim [Kirk] and Spock were on the bridge cashing checks we couldn’t honor,” he said. “Now I’m on the bridge, helping make decisions for the state government.”

To be sure, the most famous engineer the “Star Trek” franchise’s long history, Scotty, was a high-ranking officer who made frequent visits to the bridge of the Starship Enterprise — a closer analog might be Miles O’Brien, who was promoted from lowly transporter operator on “The Next Generation” to chief engineer on “Deep Space Nine” — but Collins’ analogy was meant to stress the growing need for coordination between IT and other government functions as they continue to safeguard their operations against the latest online threats.

NASCIO Executive Director Doug Robinson, who moderated the panel featuring Collins and other state-government officials, said cybersecurity is no longer about simply preventing the theft of sensitive data, but maintaining the continuity of government, making it a shared responsibility among all agencies.

“It’s a team sport,” he said.

Jared Maples, director of the New Jersey Office of Homeland Security and Preparedness, who said communities and businesses in his state are getting “hammered” with ransomware threats regularly, also said he’s started convening statewide summits to share strategies on dealing with the latest cyberthreats. The most recent one, he said, drew participants from all 565 municipalities in the Garden State.

[ransomeware_map ]

The briefing and panel discussion was also held ahead of anticipated U.S. Senate action on a cybersecurity aid package for state and local governments that NASCIO and other organizations have endorsed. The State and Local Government Cybersecurity Act, introduced by Sens. Gary Peters, D-Mich., and Rob Portman, R-Ohio, would create a new grant program in the Department of Homeland Security to offer direct aid to state and local governments that cannot afford cybersecurity tools on their own.

While the bill has been placed in the Senate’s legislative calendar, it is still being revised and a vote has not been scheduled yet. But another of Wednesday’s panelists, South Carolina State Sen. Thomas Alexander, told congressional staffers that more cybersecurity collaboration is needed between every level of government.

“If you take one principle back to your bosses, let it be that states, localities and the federal government must work together,” he said.