As reported by Government Technology Magazine last week, Michigan is merging physical and cyber security. I will be moving to the newly created role of Michigan Chief Security Officer (CSO) in October. The reaction from my friends and colleagues from around the country has been all over the map – ranging from “Great move” to “Are you really ok with this?” Here’s a brief look at some of my thoughts about the change and the technology and security industries as we head towards 2012.
When I moved to Chief Technology Officer (CTO) and Director of Infrastructure almost three years ago, I didn’t think I would be returning to focus full-time on security. I was broadening my scope of duties and vastly expanding my horizons by running the day to day back-office functions like networks, datacenters, office automation, project management, client service center, field services and enterprise architecture. I took a crash course in developing budgets and rates for our services. No doubt, I was “drinking from a fire hose” the first year. I had to implement many of the security policies and procedures I had created as CISO – and that was not easy. A few of my early thoughts included, “What was I thinking when I signed that restriction?”
We’ve had our struggles – such as increasing our percentage of virtual servers and improving communication with our front-office technology partners who lead our customer service efforts with agencies. We still need to expand communication further across the Michigan. Our new CIO David Behen is serious about customer service improvements with agency directors – so this is happening.
As expected when I took the job, we’ve had some tough outages as well as unwanted news headlines. We survived a large incentivized retirement. Those hard days come with the technology management territory.
At the same time, I was blessed with an excellent staff. Our directors were motivated and focused. My number one strategy: more teamwork and cross-group collaboration. Thanks to their daily efforts to build relationships, I believe that we function much more as a single infrastructure entity now and not seven unique divisions. I truly enjoyed our pioneering efforts in cloud computing in government. I’m proud of the continual drop in rates and improvements in technology and communications service that we’ve seen despite fewer staff. We continue to be recognized as a government leader. Serving as Michigan CTO has been hard but rewarding work.
Back to the Future:
Now on to a new role. Why? I must admit that this next career step seems a bit like the movie, Back to the Future 2 for me. That is, I’m in the process of doing many of the same things that I did in 2002 when I became Michigan first CISO and started building our Office of Enterprise Security.
I thought that if I ever went back to security, it would be in Washington DC or in the private sector. Indeed, I had offers and looked hard at those tempting options. My thanks go out to colleagues who helped in that job search. Over time it became clear that Governor Snyder was (and is) very serious about growing Michigan into a global leader in cyber security within government and the private sector. The opportunity here was very compelling and reignited my passion with an expanded CSO role.
Building on our successful past and our Governor’s technology experience as CEO of Gateway, we are developing an aggressive strategic plan to make a global difference in cyberspace. One near-term example is the Michigan Cyber Summit on October 7. We will be the national kickoff for Cybersecurity Awareness Month. Our summit agenda is exciting and impressive.
I know that many readers are in government service because they feel a calling to help in ways that go beyond a paycheck. Others want minimal travel so that they can focus on family priorities. Some love their job and look forward to coming into work and using their God-given abilities to change their community, state and/or global industry for the better. These are some of the reasons I accepted this new CSO challenge. I also think it is time for me to focus on where I can the most beneficial impact.
Changing World – Cyber and Physical Security:
Much has changed – including the security threat. While computer security was growing more complex and important, cyber crime has now become the new growth industry. Security is a part of everything that government does, and our virtual world and physical worlds are merging. This is not just seen in delivering government services, but in homes across the globe with users of Facebook, Amazon.com, virtual world training and more. We need to be enablers of the bright side of the Internet.
While many experts are proclaiming that we’re in a global cyber war, I prefer to think about our current Internet challenges as more like invasive species that threaten our online ecosystem. (I must give credit to our Michigan Governor Rick Snyder who was the first one that I heard use this analogy.) We are threatened by foreign and domestic adversaries who are attempting to exploit both the physical and virtual aspects of our society. Sure, a cyber war is possible and perhaps even probable at some point in the future, but I wouldn’t use that term to describe our situation yet.
Our critical infrastructures, such as the electrical grid, are at risk. We need to partner in new ways across public/private organizations and local/state/federal/international governments. (Yes, we work with Canada in Michigan, and I am sure that southern states interact with Mexico.)
Sorry for rambling a bit in this longer blog, but this is a new direction for me. I wanted to share some of my thoughts on this change. I am excited about the new opportunities that are available in Michigan government. My friend Will Pelgrin, CEO at the Center for Internet Security, was right when he told me that I would be back to security before too long. It seems all roads lead to security for me – whether physical or cyber.
As far as this blog goes and my writing for Government Technology Magazine and PCIO Magazine – I’ll still be here, under a new name, probably “Lohrmann on Cyber Security.” The switch will occur over the next month or two. In the meantime, I will continue to write about government technology infrastructure and cyber. Feel free to send me a note or write a comment on topics you’d like me to blog about. I’m always interested in your thoughts.