Ransomware drives West Virginia to new endpoint detection and response

The ransomware trend’s influence is extensive, elevating cybersecurity’s stature among the public and in organizations’ private planning meetings, but also in guiding budgets. West Virginia Chief Technology Officer Joshua Spence tells StateScoop in a recent video interview that threats of ransomware instigated a procurement for new endpoint detection so the state  can keep better watch over its networks.

“Ransomware is absolutely a significant threat that we face today. One of the things we’re looking at is we wanted to find some opportunities to advance the security posture quickly. So we’re implementing some best practices,” Spence says. “We saw an improvement on our endpoint detection and response system, so we’re in the process of going through that procurement process now and we want to implement those on critical services immediately.”

Spence says the state is also seeking to become more aware of its vulnerabilities. Through information-sharing organizations such as the Multi-State Information Sharing and Analysis Center and federal agencies like the Department of Homeland Security, intelligence is easy to come by, Spence says. But discerning the potential impact to systems, he says, is more difficult as that requires actionable data from the state’s business units.

Further complicating matters, there’s no readily available way to assess potential impact on various systems in state government, though officials in Virginia are currently piloting a risk model designed to assign dollar amounts to various systems the state operates that will allow policymakers to assign resources accordingly.

In West Virginia, Spence says quantifying impact is difficult because every agency thinks its mission is supremely important.

“Usually the entity feels like whatever they do is extremely important and although it does have an important role, it may not be the most important from the larger perspective of the state,” Spence says. “So we’re working with the business side to help get on the same page of assessing potential impact so that we can put dollars where they matter most.”

Spence on his top priorities and projects:

“So what we’re trying to do is we’re pushing out procurement around data center or infrastructure as a service. It’s our data center 2.0 initiative.”

Spence on how he sees his role changing in the future:

“What we see is there’s a lot of different complication with technology as it becomes more advanced and with the speed of the change, it’s going to be difficult to be able to do everything in house.”

These videos were produced by StateScoop at the National Association of State Chief Information Officers’ annual conference in Nashville, Tennessee, in October 2019.