Interpreting the Election: What Are the Government Security and Technology Impacts?

Back in the spring of 2014, speculation was already growing about the significant impact that technology and cybersecurity might have on the 2014 midterm elections.

by / November 9, 2014

Credit: Rob Crandall / Shutterstock.com 

Will the 2014 elections results bring a wave of change to technology priorities within the public sector? How will new governors address the significant cybersecurity challenges that have diminished citizen trust in data protection? Will new chief information officers (CIOs) and other technology leaders be given the necessary resources to deliver lasting improvements? 

These are just a few of the questions that industry observers were asking as the 2014 midterm elections drew near. So what can we learn from the election results?   

Quick History Lesson

But before we answer those questions, it's important to understand why the results from the 2014 midterm elections are such a big deal for the state technology community. So let's quickly look back at the last election cycle.

The 2010 midterm elections brought about significant turnover in state CIOs as a surge in new governors hired new CIOs. These new executives also brought in new teams with new perspectives on technology, security, project management and even new definitions of transparency and efficiency in government.

Governors like Rick Snyder of Michigan and Martin O’Malley of Maryland made technology and cybersecurity top priorities for their administration over the past four years. (Still, those topics rarely came up as campaign issues in Michigan in Maryland.)

Other states, such as Utah and South Carolina, experienced major data breaches in 2012, and opposing candidates made these data breaches a campaign issue in 2014.    

Back in May of this year, Statescoop ran an article called: The great governor shake-up of 2014, which predicted major change was coming in the fall.

“Gubernatorial elections can be game changers — not only in terms of personnel turnover — but they can also cause potential disruptions in implementing long-term IT strategies across the enterprise of state government,” said Carol Henton, vice president of state, local and education at the Information Technology Industry Council.

When the National Association of State CIOs (NASCIO) announced their state priorities for 2015 in October, the importance of  protecting data with good security was clear for all states, regardless of political party or election outcomes.

NASCIO Executive Director Doug Robinson pointed out that data management is a new component of the CIO’s responsibilities. “State CIOs understand the real challenges of data governance and the need for more discipline around the management of state data assets,” Robinson said. “In alignment with these results, we'll certainly have a focus on enterprise data management this year."

In addition, NASCIO President Stu Davis from Ohio, added this comment in a Governing article after the 2014 election:

“We’re anticipating quite a bit of turnover,” Stu Davis, Ohio CIO and NASCIO president, said of this week’s elections. “I think anytime you have a position tied to an administration (that’s elected), you are going to see that.”

On To Wednesday Morning

The 2014 election results answered several important questions, while raising more questions.  

Ohio Gov. John Kasich won a landslide re-election, so Stu Davis will be keeping his job as NASCIO president.

Gov. Nikki Haley of South Carolina also won an easy re-election. Her positive handling of the data breach in 2012 was seen by the voters as an asset, or at least not a significant negative.   

A campaign technology attack that didn’t seem to work in this election cycle was charging that offshoring technology jobs was killing local economies, according to a Computerworld magazine article

Democratic candidates clubbed their Republican opponents in two of this year's election campaigns about their offshore outsourcing records, but to no apparent help.

In Georgia, Republican and now Senator-elect David Perdue, handily defeated his Democratic opponent, Michelle Nunn. His margin was wide enough to avoid a runoff.

In Massachusetts, Republican Charlie Baker (and now governor-elect), had to explain himself after Democratic challenger Martha Coakley, the state's attorney general, pointed to a 2008 photograph by an industry group showing Baker holding an "Outsourcing Excellence Award."

While outsourcing was an ongoing theme in both contests, it's now clear how the issue resonated with voters and whether it mattered enough to swing any votes….

Government Technology magazine writers did a good job of highlighting each state government result and what the potential impact may be for various state CIOs. They begin that article this way:

Voters in 36 states cast ballots for governor in this year's election. In many cases, CIOs didn’t need to worry about whether their job was on the line; in 17 states -- Alabama, California, Georgia, Idaho, Iowa, Minnesota, Nevada, New Mexico, New York, Ohio, Oklahoma, Oregon, South Carolina, South Dakota, Tennessee, Vermont and Wyoming -- IT leaders could sit back knowing their boss was likely to be re-elected.

In 19 states, however, the races were either contentious, or a new governor was inevitable due to incumbents who were term-limited, defeated in the primaries or chose not to seek re-election. In these states, technology leaders kept a close eye on election returns to see if they'd soon need to polish up their resumes….

While I like the analysis from each state, it is important to remember that the election is but one of the drivers for CIO turnover. For example, the ongoing churn in CIOs exceeds the number of turnovers after elections. Stated simply: I expect to see new CIOs within the next six months in several states with re-elected governors.

Andris Ozols, the former chief research analyst for Michigan government, made this comment about the 2014 elections:

The election is distinguished by its association with relatively rapid shifts in priorities, policies, strategies and operational factors taking place in several states. However, the same can happen in a state with the same governor being re-elected or in the middle of a term.

The evolution of the CIO and related roles and the relationship among them may receive a boost from elections. While cyber, particularly when it is in tandem with physical security, has developed a distinct identity in part driven by palpable threats and over several gubernatorial terms, largely independent of elections, roles such as data/analytics and innovation may be provided an accelerated path to free standing functions by the increased gubernatorial emphasis on modernization and redesign of government.

David Stegon highlighted 10 states that will see new governors next year after the state elections, while describing the accomplishments of a few outgoing administrations.

Meanwhile, the Pew Trust provided this timely analysis of the impact of election results and what they generally mean for CIO and CISO turnover. Here’s an excerpt:

Although turnover can be disruptive, (former Delaware CIO James) Sills sees an upside. “It’s a healthy thing to bring in somebody new from time to time to challenge the status quo,” he said.

Other factors also prevent states from quickly adopting new technology and moving at the private sector’s innovative pace, Sills said. And it’s a challenge for state CIOs, regardless of how long they’re on the job.

Information technology is a huge, expensive and sometimes politically risky proposition — when it fails, as it did during the rollout of the federal government’s health insurance exchange website, the fallout can cost people their jobs. For states, investment in it often involves legislative signoffs and byzantine purchasing requirements not found in business. And applying it to new or different ways of operating often meets resistance from a bureaucratic culture reluctant to change, he said.

What's Next at the National Level?

Looking at a national level, TheHill.com suggested that a cyber bill could become law during the lame duck session:

House Homeland Security Committee Chairman Michael McCaul (R-Texas) says his cyber information sharing bill has an 80 percent chance of becoming law during Congress’ lame-duck session.

“It might be the one bill that passes this Congress and gets signed into law,” he said Tuesday at a Bloomberg Government event.

McCaul’s bill, which would allow the Department of Homeland Security (DHS) and private sector to share cyber threat information, has the administration’s backing and passed the House in July. At a Monday briefing, McCaul was told Senate discussions on the bill were going well.

Several other sources agreed that cyber legislation is likely to pass, but it remains to be seen how the immigration debate after the election might change that sentiment on over the next several months.  

Wrap-up

Politico.com now has a “Morning Cybersecurity (MC)” section which provides a daily update on the intersection of politics and cybersecurity. My view is that this prominent attention speaks volumes about the importance of technology and security in the lives of every American.

What did they focus on after the 2014 election? The answer is departing and arriving political leaders who understand the cybersecurity topic.

With House Intelligence Committee Chairman Mike Rogers (R-Michigan) not running for re-election to Congress, a prominent voice on cyber issue will soon be gone.

Newly elected congressman and cybersecurity professional Will Hurd says he looks forward to getting into “the weeds” of cyber policy when he arrives in Washington in January. MC caught up with Hurd fresh off his victory over incumbent Democratic Rep. Pete Gallego on Tuesday. The former CIA undercover officer, computer science major and adviser to a boutique cybersecurity firm said he hopes to be a leader on the issue in the next Congress. “It’s in my background and it’s in the issues of the day, so what better person to lead on this issue than someone who understands some of the detail, and who has experience with these issues, and how it impacts the government and the business community as well?” Hurd said.

Expect more governors, state legislators and other elected leaders to step up in the same way as we head into 2015.  Technology and cybersecurity remain critical enablers of campaign promises, but they can also become disabling concerns, if not handled properly. 

Dan Lohrmann Chief Security Officer & Chief Strategist at Security Mentor Inc.

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.

During his distinguished career, he has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader.
Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprisewide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.

He currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor Inc. He is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and nonprofit institutions.

He has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.

Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD for You: The Guide to Bring Your Own Device to Work. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington, D.C., to Moscow.

He holds a master's degree in computer science (CS) from Johns Hopkins University in Baltimore, and a bachelor's degree in CS from Valparaiso University in Indiana.

Follow Lohrmann on Twitter at: @govcso