State

Report: Missouri has taken ‘few steps’ to improve outdated IT

Aging systems, vacant cyber roles and administrative shakeups have hampered the state's technology governance, according to a report.

By Benjamin Freed

October 18, 2021

(Wikimedia Commons)

On the heels of Missouri Gov. Mike Parson accusing a journalist who reported a vulnerability in a state-government website of “hacking,” it was reported Sunday that state officials have also taken “few steps” to upgrade their agencies’ outmoded technology.

According to the St. Louis Post-Dispatch, the state’s Information Technology Services Division is running low on professionals with the programming knowledge to work on the aging mainframe systems that power many government services, and that a full replacement is expected to cost more than $83 million.

Moreover, the state has several vacancies in its cybersecurity leadership, following the recent departure of Chief Information Security Officer Stephen Meyer — who is now a consultant with World Wide Technology — and Parson’s apparent failure to make any appointments to a Missouri Cybersecurity Commission, a new advisory board created by recent legislation.

Parson last week was broadly criticized by the cybersecurity and vulnerability-research communities when he threatened to bring criminal and civil charges against a Post-Dispatch reporter who found that a website operated by the state education agency was making teachers’ Social Security numbers visible in its HTML source code. The reporter, Josh Renaud, notified the agency upon the discovery, giving officials time to correct the flaw before the paper ran its story.

Meanwhile, ITSD’s parent agency, the Missouri Office of Administration, was shaken up last week, too, when Parson dismissed Sarah Steelman, who’d served as its commissioner since 2017. Steelman, who was fired along with other Cabinet members, was replaced by Department of Revenue Director Ken Zellers.

Missouri Chief Information Officer Jeffrey Wann, who still leads ITSD, has said he wants to use a portion of the $2.8 billion the state is due under the American Rescue Plan to fund the needed tech upgrades and development of robust digital services, processes he said could take six years to complete.