Michigan’s chief security officer is moving on. Dan Lohrmann has had a 17-year career with the state that included stints as a departmental CIO, chief information security officer and chief technology officer.
In 2009, Lohrmann was named one of Government Technology's Top 25 Doers, Dreamers and Drivers. In 2008, Governing magazine named Lohrmann one of its public officials of the year, and his career reaches back to a time when cybersecurity in state government was essentially nonexistent. After Aug. 1, Lohrmann will leave the state to join Security Mentor, a small security awareness training firm, the company announced on July 29.
“It’s really exciting,” Lohrmann said. “I’m passionate for training people and helping people to understand the impacts of their actions, really the nontechnical users, because as we head toward the Internet of Things and everyone having a smartphone and the Internet has become an integral part of our lives. For me, it’s helping people understand the importance of protecting themselves in cyberspace.”
Continuing his work in cybersecurity is only natural given his beginnings, Lohrmann said. “My first days they said security is in my blood,” he said. “My first job was at the National Security Agency and their thing was ‘security is our middle name.’ I love security. It’s what my passion is.”
When Lohrmann later joined Michigan in 1997, he was working to prepare for Y2K, he said. He saw Michigan become the first state government to launch a dot-gov domain, watched how 9/11 changed the outlook of security professionals and witnessed a decade of data and people centralization. The cliché of doing more with less defined that decade as government budgets were slashed, especially in Michigan, Lohrmann said.
Lohrmann became the state’s chief technology officer in 2009 and described it as a wonderful experience. But he was happy to go back to security, becoming the state's chief security officer in 2011. “I learned a tremendous amount,” he said. “I really saw firsthand how to eat my own dog food, if you will, from a security perspective, how to deliver services in a customer-focused way and how to keep improving.”
The state’s work during Lohrmann’s tenure didn’t go unnoticed. The National Association of State Chief Information Officers has consistently recognized Michigan as a leader in public-sector technology over the past 15 years. In 2011, Michigan took home five of the 10 NASCIO awards given that year.
Having now been a chief technology officer, Lohrmann said he prefers working in security. The reason, he said, is that security is a positive force that enables other things to happen, and that’s an important lesson, but one he didn’t learn until midway through his career. In 2004, the hot new thing was Wi-Fi, and Lohrmann was against it.
“There were all these stories about wardriving [searching for Wi-Fi in a vehicle] and people sitting in parking lots and breaking into Home Depot and Lowes and all these places,” he explained. Lohrmann was reading white papers and seeing nothing but security problems with the new technology, and then suddenly Wi-Fi was coming to his work world. His executive team, led by CIO Teri Takai, had a goal of installing Wi-Fi in all their conference rooms.
“We had this meeting and I said, ‘Well, we can’t do it. Not secure. Bad idea. I’m vetoing the project,’” Lohrmann recalled. “Well, Teri Takai said, ‘I want everybody to leave the room but Dan.’ So they all left the room. She said, ‘Dan, if that’s your answer, you can’t be the CISO in Michigan.’ And I was stunned. I’m like, ‘What?!’ She said, ‘Let me tell you something. I understand all these problems. I understand all these things you’re doing, I understand why you’re saying it, but I’ve been to Dow, Ford, Chrysler and GM, and they all have Wi-Fi in their conference rooms. So you need to figure out what they know that you don’t know and then come back and tell me how we’re going to do it securely. And we’re giving you one week.’
“That was a real paradigm shift for me. That changed my outlook. Of course, I kept my job and we learned from our private sector partners. We did Wi-Fi. We actually won some awards for our Wi-Fi two years later, but it was really, ‘How do I provide security as an enabler?’”
Lohrmann said he’s been lucky to have had such a great career. “I’ve had a real exciting run in state government,” he said. “It’s always changing, always new opportunities, always something fun to work on, and never a dull moment in the security shop.”