Harry Raduege is Senior Advisor & Director of Cyber Risk Services, Deloitte & Touche LLP. ()
When the White House released the Cybersecurity Framework in February, much of the attention around the development and implementation of the Framework, and President Obama’s E.O. 13636, was focused on the private sector. state, local, tribal, and territorial government stakeholders are important assets in the overall drive to improve cybersecurity protections for the nation’s critical infrastructure.
Last week at the 63rd annual Association of Government Accountants Professional Development Training conference in Orlando, we received an update on the progress being made by the state of Florida in cybersecurity preparedness and awareness. On the panel with me was Melinda Miguel, the chief inspector general for Florida. We focused on the topic of “Cybersecurity for the Chief Financial Officer.” Melinda has served in her position for over seven years and has worked for two governors.
When Melinda gave her Florida state cybersecurity status report, it was clear that the state has made tremendous progress in just the last year. Tom Ridge and I last worked with Melinda one short year ago at the Florida Cyber Security Forum. In fact, I just learned that Melinda had come back from vacation in 2013, just to hear what he and I had to say during our cybersecurity presentations and the question-and-answer period conducted by Jessica Blume of Deloitte Consulting.
Within about a week of the 2013 forum, Melinda had launched a full-out attack to improve Florida’s cybersecurity posture. After a year of implementing her strategic efforts and plans, Melinda reported that Florida has taken giant strides in implementing numerous new processes and improvements in addressing cybersecurity issues across the state. She attributes this operational success to a significant collaborative effort by key state personnel from the inspectors general, chief information officers, information security officers, governor’s policy staff, and Florida’s Cyber Crime Office housed in the Florida Department of Law Enforcement.
Additionally, we also learned that Florida now has cybersecurity legislation (HB 7073) passed by the Florida legislature and signed by Gov. Rick Scott. This bill creates a new Agency for Information Technology; creates an inspector general for this new agency; enhances the role of the Florida Cyber Crime Office; and adopts several enhancements to provide for greater governance and security in this space.
The efforts that the state of Florida has taken in improving their statewide cybersecurity posture are important. These entities are the first-line of response when something goes wrong. People will often reach out to local law enforcement and related government agencies first for help. State and local governments vary widely in infrastructure and resources available for securing systems and information. It’s important that work in this area continues to develop and interconnect.
Other states and commonwealths are taking similar aggressive actions and their planning and hard work are delivering much needed results for the safety and security of their valuable infrastructure and their constituents.