I was in Wichita, Kansas last week as a guest speaker at their Inaugural Kansas Cyber Summit 2022, which was a crowded event that reached capacity for the venue. This government cyber summit was hosted by the Kansas Office of Information Security and brought together stakeholders from across Kansas: K-12 schools, universities, and state and local governments.
The agenda included an incredible keynote address by DeAngela Burns-Wallace, Chief Information Technology Officer (CITO). I say “amazing” because she is a fabulous, motivational and very knowledgeable speaker on the importance of cybersecurity and its many potential business impacts on government and society at large. I can say without hesitation that Burns-Wallace has a better understanding of cybersecurity than most CIOs, CTOs, or other departmental executives in the public and private sectors around the world.
The title of the presentation by Dr. Burns-Wallace, who is also Kansas’ secretary of administration, was “Cyber Threats to the State and the Opportunities We Have.” Using an abundance of data, she described the upsurge in cyberattacks on governments, new cyberthreats we face at all levels of government and education, workforce development challenges work to attract and retain talent in Kansas, and above all, the imperative of obtaining good solutions in the medium and long term.
Dr. Burns-Wallace outlined what is at stake and what remains to be done as Kansas moves forward, referencing the Kansas Executive Branch’s three-year IT plan that was released on October 1, 2022.
The day’s events were led by Jeff Maxon, who is Kansas’ CISO and one of the nation’s top government CISOs. You can find out more about him in this blog interview. Jeff did an outstanding job of including all sectors in the audience and engaging in frequent discussions on a wide range of topics and questions from the audience.
In addition to interactions with the audience during my own talk covering real ransomware stories from around the world from my book Cyber Mayday and the day afterI really enjoyed the sessions on:
The workforce development theme was unique in that it highlighted the exceptional work carried out by Sharmelle Winsett at KC Scholars. There are many programs in Missouri and Kansas that will help develop the cybersecurity workforce in various ways.
According to their website, KC Scholars:
- Awarded more than 3,000 traditional scholarships to 11th graders, allowing students to continue their college education with little or no debt.
- We have provided nearly 1,000 adult scholarships for high school graduates to return to college and complete their education.
- More than 1,000 high school students have received a KC Scholars’ College Savings Match award to help them actively save for their college future while learning financial literacy.
One of the highlights of the discussion on cyber resources was led by Karen Sorady, vice president of MS-ISAC member engagement and former CISO of New York State. Karen has done a great job going through all of the free resources offered by the Multi-State Information Sharing and Analysis Center (MS-ISAC), some of which I’ve articulated in previous blogs, such as the program mentoring and networking opportunities for state and local governments.
You can learn more about the Kansas Cyber Summit, view photos from the event, and interact with attendees on this Kansas Office of Information Technology Services LinkedIn post.
ANOTHER GREAT MICHIGAN CYBER SUMMIT FOR 2022
The Michigan Cyber Summit has been one of the premier annual cybersecurity events for over a decade, and this year’s event did not disappoint. Michigan’s first Cyber Summit in 2011 featured speakers like former Governor Rick Snyder; Janet Napolitano, Secretary of the US Department of Homeland Security; Howard Schmidt, White House Cybersecurity Coordinator and Special Assistant to the President; and US Representatives John Dingell, Mike Rogers and Hansen Clarke.
As Michigan’s CSO at the time, I wrote about being “behind the scenes” at this event in October 2011, and you can read about it here.
This year Michigan Cyber Summit was once again sold out and the event brought together an incredible roster of speakers from across the country on a wide range of topics. The program exposes the details of these keynotes. Here is just a small sample of sessions:
Cat by the fire – Join our experts for a fireside chat to discuss the hottest topics in the cybersecurity ecosystem. The discussion will focus on the latest issues, threats and innovations in cybersecurity protection. Jen Easterly, Director of the Cybersecurity and Infrastructure Security Agency; Laura Clark, Chief Information Officer, Michigan Department of Technology, Management, and Budget. (Note: US Senator Gary Peters (D-MI) also joined this session as a special guest.
- Roundtable: Automotive IoT – A conversation about connectivity and the cybersecurity ecosystem in Michigan. Never since the days of Henry Ford has the automotive industry experienced such vast and dynamic change. The evolution of connected and automated cars, smart infrastructure, and advances in artificial intelligence and machine learning have placed cybersecurity at the heart of the future mobility movement. This panel of cybermobility professionals is at the forefront of a new digital era and tackles tough topics such as automotive cybersecurity, crafting smart cyberpolicies, automotive cybercrime and preparing for the next generation of cyberworkers while recognizing the value of hackers.
Moderator: Jennifer Tisdale, CEO, GRIMM
- Speakers: Kelly Bartlett, Connected and Automated Vehicle Specialist, Michigan Department of Transportation; Kristie Pfosi, executive director of product cybersecurity, Aptiv; Ronald Kraus, Cyber Specialist, Michigan State Police; Samir Tout, Ph.D., Professor, Information Security and Applied Computing, Eastern Michigan University/GameAbove College of Engineering and Technology
- Featured speaker – Chris DeRusha, Federal Chief Information Security Officer, Office of Management and Budget and Deputy National Director of Federal Cybersecurity, Office of the National Director of Cybersecurity
- Panel discussion: Working together to transform cybersecurity A discussion with state and local information officers on the hottest topics at the forefront of cybersecurity. Topics will include the cybersecurity workforce and how to obtain, train and retain talent. The importance of working together across the state and region to define best practices and provide partnership opportunities for funding. An overview of how CIOs manage and balance ever-changing risks, as well as responding to threat activity and cyber disruptions will also be covered.
Moderator: Doug Robinson, Executive Director, National Association of State Chief Information Officers
Panelists: Tracy Barnes, Chief Information Officer, State of Indiana; Laura Clark, Chief Information Officer, Michigan Department of Technology, Management, and Budget; Katrina Flory, State CIO/Deputy Director, State of Ohio; Hector Roman, Chief Information Officer, Wayne County; Joshua Spence, Chief Information Officer, West Virginia Office of Technology; Art Thompson, Chief Information Officer, City of Detroit
There were many highlights from the cybersummit sessions throughout the day, but here are some of my top notes:
- Election security remains a top priority, and states and CISA are working harder than ever to protect your vote, address insider threats, and counter election misinformation. This rumor and fact website may help from CISA. Also see CISA’s Cyber Threat Shields Up website.
- Cybersecurity is primarily a people issue, with many individual aspects that need to be considered. Everyone needs to get involved for Cyber Security Awareness Month and throughout the year. We need a “Neighborhood Watch” for cyber.
- Cyber tools and capabilities are evolving rapidly, with threats developing globally, including threats from the nation states of Russia and China.
- We all need to provide feedback to CISA, NIST, and DHS.
From state and local CIOs:
- The top priority is the development of the cyber workforce.
- The Ohio government team hires laid-off staff from other Ohio tech companies.
- Many states are removing educational requirements for good cyber jobs.
- There is not a high level of confidence in the overall level of cyber defense at the national or local level.
- “Cyber is not a problem to be solved, but a risk to be managed,” said Josh Spence, CIO of West Virginia.
- The challenges of replacing legacy technologies remain enormous.
- Credential management is a big deal.
- From Tracy Barnes, CIO of Indiana: “Process improvements help with cyber tools and revenue by providing continuity during times of uncertainty.”
- New large-scale attacks and cyber incidents must be addressed with statewide tabletop exercises, said Laura Clark, CIO and CISO of Michigan.
- Art Thompson, CIO of Detroit, is very pleased with the intergovernmental coordination and partnerships in Michigan.
It’s been a whirlwind week for me, but it’s been great making new friends in Kansas and reconnecting with longtime friends from Michigan across all industry verticals.
I think Kansas is well on its way to creating many new successes that cross agency and government silos, and it will be amazing to see where they are in a decade.
And in every state, the upcoming elections will have major impacts on technology and security agendas as people continue to offer the greatest opportunity for success and failure.
BUSINESS1 month ago
Westerham-based financial planning company buys first firm
FINANCE1 month ago
ESFA Update further education: 19 October 2022
AUTO MOBILE1 month ago
Chicago Drives Electric event in Oakbrook Terrace showcases latest EVs, with cars from Chevy, Ford, Volkswagen and more
WORLD1 month ago
Costco is selling ‘world’s largest’ jigsaw puzzle at 29 feet
HEALTH1 month ago
Vergeire not offered DOH chief post, admits reservations