Gov. Hogan creates CISO position for State of Maryland - Technical.ly Baltimore

Civic

Jun. 19, 2019 11:44 am

Gov. Hogan creates CISO position for State of Maryland

The new chief information security officer role, which is being assumed by John Evans, comes amid a series of moves designed to centralize the state's cybersecurity efforts.
The Maryland State House in Annapolis.

The Maryland State House in Annapolis.

(Photo by Stephen Babcock)

Gov. Larry Hogan on Tuesday signed an executive order that’s designed to centralize the state’s cybersecurity activities aimed at preventing attacks and protecting data.

“Security of Marylanders is at the forefront of our administration’s efforts on a day-to-day basis. In today’s world of emerging cyber threats, it is crucial that we work in unity to improve the processes and procedures designed to protect Marylanders and to manage and minimize the consequences of cyber events,” Hogan said in a statement. “The steps we are taking today are about ensuring that Maryland’s infrastructure and citizens are as safe as possible from cyber attacks.”

The executive order creates three new roles and entities within state government under the banner of the Maryland Cyber Defense Initiative:

  • The position of Maryland Chief Information Security Officer, to be assumed by John Evans
  • The Office of Security Management, which is located within the state’s Department of Information Technology
  • Maryland Cybersecurity Coordinating Council, comprised of state officials from multiple departments

According to data compiled by the National Conference of State Legislatures, at least 15 other states have statewide CISOs.

Evans previously served as CISO for the state’s Department of Information of Technology. The new role will extend statewide, and Evans will lead the Office of Security Management. This office will be responsible for overall cybersecurity strategy and policy for the many state agencies that fall within the executive branch. It will also be tasked with updating the state’s cybersecurity manual.

Along with applying best practices from federal government agencies like Maryland-based NIST, these efforts will help align efforts and goals across multiple organizations.

For its part, the Maryland Cybersecurity Coordinating Council is tasked with providing policy-level guidance as cybersecurity standards are implemented. It will also work alongside stakeholders from inside and outside government to provide recommendations on securing the capabilities necessary to “identify, protect, detect, respond, and recover from cybersecurity-related risk,” the governor’s office stated.

Advertisement

While officials are often touting the state’s talent when it comes to cybersecurity, this executive order is focused on the internal work of protecting public data.

The executive order states that the moves comes as there is an increase in the “volume and capabilities of malicious actors seeking to negatively impact the confidentiality, integrity and availability of State systems and data.”

There’s been increasing focus on cyber threats to state and local governments in recent weeks. Locally, that’s come into focus with the ransomware attack against the City of Baltimore.

In Washington, D.C. on Tuesday, the Baltimore attack was referenced as two U.S. senators introduced legislation that’s looking to enable the federal government to provide resources and training to state and local governments that can help detect risks to infrastructure, The Washington Post reported.

Companies: State of Maryland
-30-
CONTRIBUTE TO THE
JOURNALISM FUND

Already a contributor? Sign in here
Connect with companies from the Technical.ly community
New call-to-action

Advertisement

Baltimore bought $20M in cyber insurance. Such policies are becoming more common

Xandr, AT&T’s ad company, partners with Baltimore’s clean.io

IoT security startup ReFirm Labs raises $2M

SPONSORED

Baltimore

Get to know SmartLogic’s culture of plants, podcasts and productive client relationships

Philadelphia, PA

Vistar Media

QA Engineer

Apply Now

Philadelphia

Vistar Media

Sr. Software Engineer

Apply Now

Philadelphia

Vistar Media

Front End Engineer

Apply Now

These Howard County cybersecurity companies formed a biz partnership

How DreamPort is creating space for collaboration on cyber challenges

Annapolis’ SIXGEN grabbed the win at DEFCON 27’s Capture the Flag

SPONSORED

Baltimore

Entrepreneurs, think it’s too early to engage a legal partner? It’s not.

Baltimore, MD

14 West

Lead Qlik Developer

Apply Now

Baltimore, MD

14 West

Qlik Developer

Apply Now

Baltimore, MD

14 West

Senior Qlik Developer

Apply Now

Sign-up for daily news updates from Technical.ly Baltimore

Do NOT follow this link or you will be banned from the site!