Mark Weatherford, chief strategy officer for the National Cybersecurity Center, is the cybersecurity columnist for Governing and a senior fellow at the Center for Digital Government, both of which are divisions of e.Republic. Among his previous appointments, he served as the U.S. Department of Homeland Security's deputy undersecretary for cybersecurity and, before that, as the chief information security officer for the state of California. In the private sector, Weatherford served in senior roles at the North American Electric Reliability Corp., vArmour, Booking Holdings and Aspen Chartered, in addition to advisory roles with a number of technology startups.
The focus has been on the attack's impact on federal agencies and the private sector, but state and local governments need to inventory their vulnerabilities and prepare for a long recovery.
While the Trump White House has done some good things, the president-elect has shown genuine interest in the issue, and more federal resources are becoming available.
Getting away from our continuing reliance on legacy technology and moving toward a centralized organizational model would improve security organizations' ability to meet today's threats.
There is much that they can do to support what state and local election officials are doing to counter efforts by those who would weaken our democratic institutions through distrust and suspicion.
In many ways, our digital infrastructure was unprepared for the pandemic's challenges. Now is the time for a longer-term cybersecurity vision.
Elected officials, agency heads and other government leaders need to understand their organizations' challenges and issues. It's the key to establishing a shared culture of security in a public organization.
In looking for a new chief information security officer, it's tempting to generate a long list of professional qualifications. But these days, technical expertise isn't what the job is really about.
The challenge for government's information security executives is to integrate risk-mitigating technology into core services and processes — and to play the long game.