State

Minnesota CISO Aaron Call steps down

Call, who started with the state government in 2014, is now the chief information security officer for insurance carrier WPS Health Solutions.

By Benjamin Freed

December 26, 2019

(Getty Images)

Aaron Call, Minnesota’s statewide chief information security officer for the past two years, resigned last week for an IT security job in the health sector. Call’s last day was Dec. 20, officials said.

Call is now the CISO at WPS Health Solutions, one of the biggest health insurance companies in the Midwest, according to his LinkedIn profile.

Former Minnesota CISO Aaron Call (Minnesota Information Technology Services)

Call had been with Minnesota IT Services since 2014, when he was hired as a director of information security as the agency was being formed from the consolidation of several predecessor organizations. At the time, he was tasked with overseeing the merger of a dozen IT security operations being combined into what is now known as MNIT.

He was promoted to state CISO in November 2017, following the departure of Chris Buse, who had been the first person to hold that role. At the time, Call said he was focused on boosting Minnesota’s spending on cybersecurity, particularly in the wake of incidents like an episode in which the state tourism bureau’s Facebook page was commandeered by an unknown person who posted morbid jokes about medical examiners. Call sounded that alarm again in January when Gov. Tim Walz took office, especially as MNIT muddled through the troubled — and ultimately abandoned — development of a vehicle registration system.

“If the money isn’t invested, then we’ll continue to see failures,” Call told the Minneapolis Star-Tribune.

But Minnesota suffered more digital vandalism in August when hackers briefly defaced a pair of state websites with “anti-government” messages, though the state’s security operations center — which Call helped established during his time in public service — was able to quickly repair the sites and begin investigating the malicious activity.

In a written statement, Minnesota Chief Information Officer Tarek Tomes said MNIT will “miss” Call.

“With Aaron Call’s leadership and support, MNIT developed a mature state-level security operations center, one that provides monitoring and response capabilities that extend beyond just the executive branch agencies to help protect counties, cities, schools and libraries across the state,” Tomes said. “I am grateful for Aaron’s service to Minnesota. He built a strong team at the state, one that is positioned to navigate the challenges brought by global security threats and the opportunities brought by evolving technology.”

In the interim, Call will be replaced by deputy CISO Rohit Tandon, a former IT security analyst at the Mayo Clinic in Rochester, Minnesota, who joined MNIT in June.