Rhode Island names first cybersecurity officer

The new official will support the efforts of the chief information security officer and act as the state's homeland security adviser.

The Rhode Island named its first state “cybersecurity officer” on Tuesday.

Mike Steinmetz, a U.S. Navy captain who has worked for the Department of Defense, National Security Agency and the private sector, will now ply his cybersecurity expertise developing security strategy, advising the governor and acting as the state’s homeland security adviser.

He’ll work alongside state Chief Information Security Officer Kurt Huhn, and one of his main projects will be the creation of a Rhode Island-based National Cyber Center of Excellence. Steinmetz’s appointment follows a 2015 recommendation by a state cybersecurity commission to better protect Rhode Island’s digital infrastructure.

“Modern infrastructure is more than just roads and bridges,” Gov. Gina Raimondo said in a press release. “It’s also the digital connections we’re making faster and more frequently than ever before. In the ever-changing technology ecosystem, it is imperative that Rhode Island stay up to speed.”


The state’s newest addition most recently served a dual role as director of strategy and planning and director of governance and compliance within the Digital Risk and Security Division of National Grid, a British electricity and gas company serving the Northeastern U.S.

Steinmetz, who started with the state on Monday, said: “Enhancing our capacity to work together in a dynamic public-private partnership will provide a stronger, more resilient approach to our common security concerns, while supporting innovation and economic growth.”

Rhode Island updated its breach notification laws in June — for the first time in a decade — in accordance with the state’s Identity Theft Protection Act of 2015. The update created new requirements for the state including more specific timeline data to be publicly disclosed, the inclusion of medical and health information, the inclusion of paper-based incidents and a requirement to notify the state attorney general.

The state relieved its chief information officer, Thom Guertin, on March 3, following delays on a new health and human services eligibility system. Delays and technical snags on the $80 million project led the state to withhold $15 million in payments from Deloitte while the issue was resolved.

Latest Podcasts