Louisiana CIO shares ransomware’s silver lining

While a ransomware attack so severe it warrants an emergency declaration is never a welcome event in state government, it can provide a unique learning experience.

Following a ransomware attack in July that affected several school districts in Louisiana, Gov. John Bel Edwards declared an emergency, mobilizing additional support from around the state in an attempt to prevent the malware from spreading.

But state Chief Information Officer Dickie Howze told StateScoop in a video interview in October that the state had been fairly well prepared for response thanks to some earlier planning and that the event had some positive outcomes. The formation of a 15-member cybersecurity commission, of which Howze is a member, and a new cybersecurity entry in the state’s emergency protocols, provided the state some additional structure and guidance during a period of frantic confusion.

The state helped the school districts recover from the attack without paying a ransom and they were back online before school started, even with the ransomware having infecting systems just two weeks before students would arrive.

“We were able to access all of these resources to come to the table and help us,” Howze said. “We collected the evidence so the forensic evaluation piece of it could move forward in its own way, a lot of resources in my Office of Technology Services dispatched to go help on the ground and meet up with our partners. Companies sent people to help us and they activated teams to come by and help us work through this process.”

Helping school districts isn’t a typical responsibility for OTS, though it does support the Louisiana Department of Education, but Howze said the incident afforded his office a chance to build new relationships across the state and flesh out processes that would later prove useful.

“It forged a really unique opportunity and we made friends with all sorts of people in the school districts across the state because we led conference calls with them early on after having identified a set of six or seven phases of things we wanted to go do immediately so you could determine whether you did or did not have a problem,” Howze said. “The phases were something that was a really quick win for us and we prevented a much larger number of districts becoming impacted.”

Howze probably didn’t want the state to face another disruptive ransomware attack (though it did — state agencies were hit with a second attack in November that yet again prompted Bel Edwards to declare an emergency), but it turned out there was a silver lining to the school district cyberattack, he said.

“It was a very unique experience,” Howze said. “We are better technologists as a result of having the opportunity to go out there and see what life is like at the school district level.”

Howze on his top priorities and projects:

“The governor and his administration are extremely supportive of our initiatives and have given us a lot of funding to try to retire as many of the legacy systems that have been running in some cases have been running in some cases decades.

Howze on how he sees his role changing in the future:

“The CIO role in the consolidation is vital to drive the ship. We have 130 people on board, so it’s a lot of staff to manage and we handle every facet of the provision of technology services to the executive branch of state government.”

These videos were produced by StateScoop at the National Association of State Chief Information Officers’ annual conference in Nashville, Tennessee, in October 2019.