Maryland Governor. While state and local elected officials love to speak big about cybersecurity, Larry Hogan declared his state the “cyber capital of America.” But getting them to see the issue in its proper context requires careful planning, according to a group of IT leaders at a conference last Wednesday.
First, don’t make it a technology problem.
At the Michigan Cyber Summit, four chief information officers from four states and one from Detroit and the surrounding Wayne County stated that discussions about cybersecurity are more productive when they concentrate on business risks rather than technical issues.
Wayne County CIO Hector Roman stated that he had an open door for the executive. It’s not technical terms.
They don’t care about what’s new or shiny, and it’s all about what you can do for the county to protect itself.”
Tracy Barnes, Indiana’s Chief of Staff to the Lieutenant Governor, was a former chief of staff to the governor.
He has said that he only “rarely” discusses technology with Gov. Eric Holcomb’s circle of friends or state legislators.
Read: Advantages of XDR Security System to Protect Business Data
He said, “Most conversations are based upon the impact of agency missions.” “I believe it’s our responsibility to keep shining the light upon the enterprise.
CIOs who took a less technical approach to cybersecurity said they often run into elected officials hoping that cybersecurity can be resolved permanently rather than being an ongoing problem.
“The fear message that I don’t like, and it creates the belief cyber’s an issue to be solved,” stated West Virginia CIO Josh Spence. Spence was previously the state’s chief information security officer.
He said elected officials are often tempted to ask if the state is “secure.”
Spence replied, “Pretend that I’m a fire marshal.” “Should there ever be a fire, the firefighters will manage it.”
Art Thompson, Detroit CIO, said he has had to be direct with the city’s top brass.
Read: How to Become a Cybersecurity Expert
He said, “When I took up this position, I was asked about the security measures I would need to succeed.” “You want security and protection?” Can you turn off your computer? This is a risk that we discuss in our regular meetings. This is not something we can afford to ignore.
Laura Clark, Michigan’s Chief Information Officer, also serves as the state’s chief Security Officer. Clark said that there is an “ongoing discussion” about cybersecurity with Lansing’s leadership. Clark stated that she is often accompanied by the Michigan State Police or National Guard officials. They also play major roles in the state’s cybersecurity operations, particularly in response to incidents.
Clark stated, “You don’t want the first conversation you have with your governor to be when they’re asking for money or because of an issue.” “Technology is our field, not theirs. It’s not how cybersecurity has become mainstream media that’s important.