CISO Compass: Advancing whole-of-state cybersecurity

Home » CISO Compass: Advancing whole-of-state cybersecurity
Release Date: 
04/16/2021

Dear Washingtonians!

I’m very excited to tell you about a new initiative to advance a whole-of-state approach to cybersecurity in collaboration with the National Governors Association (NGA).

Washington state was recently selected as one of four states nationally by the NGA to hold a policy academy over the next several months to advance a whole-of-state cybersecurity posture. The NGA uses the outcomes of its policy academies to promote promising practices across the country.

This initiative is very near and dear to my heart. I have been advocating for this type of approach since I became the Washington state chief information security officer a little over a year ago.

I believe it is imperative that we think about securing the state as a whole. Sometimes we forget that, overall, the public sector is one organization. You may be a state agency, county, municipality, or other government entity, but we all provide services to Washingtonians. 

As we have learned from multiple security threats over the past year, both nationally and in this state, an incident that impacts one organization can have cascading impacts for others. The best way to combat this, as you have heard me say many times in these columns, is to join forces.

We need to really unify the public sector, so that we are operating as one organization when it comes to sharing our expertise, knowledge, threat intelligence and resources.

Washington state is well positioned to move to this next level and improve the state’s overall security posture. We are fortunate to have organizations such as the Association of County and City Information Systems (ACCIS) that bring together local government information security professionals and leaders.

WaTech’s Office of Cybersecurity (OCS) and the Office of Privacy and Data Protection (OPDP) will be working with ACCIS, the governor’s office, the Department of Commerce and many other organizations as part of the NGA effort.

Zack Hudgins, who manages local government outreach for OPDP, noted that strengthening the partnership between state and local government benefits all residents, adding that with this policy academy “we will continue to build better communication, strive for a stronger workforce, and cover both cybersecurity and privacy needs of the whole-of-state approach.”

I completely agree. Together we will move forward to see how we can capitalize on this opportunity.

We will examine things we can do collectively, such as monitoring the state and responding to incidents as a whole so that we all have more information. The theme for us will be how to secure the state.

As I mentioned earlier, one reason to do this is because we have learned that threats can have a cascading effect. But I also believe that with this effort, the benefits also are cascading. Our state in the end will be more secure, which helps everyone.

I welcome your thoughts and ideas and look forward to our continuing partnership to serve this great state. Thank you for all that you are doing.

Vinod Brahmapuram

State Chief Information Security Officer