Who Is the State CISO? Data On Government's Cyberguardians

Cybersecurity is government IT's number one priority, and its importance is only growing. So who are the people charged with protecting government's information? We gathered data on 158 state CISO terms to find out.

by / September 30, 2019
2 of 4

Staying Power

We know that a new governor usually means a new CIO, but what does it mean for the CISO?

As it happens, CISOs are much more sheltered from the political winds — it's when there's a new CIO that a CISO is more likely to leave.

To get a better look at those dynamics, we calculated the "survival rates" when a new governor or CIO takes office — in other words, how often does a CISO stick around when there's a new leader?

We found that CISOs are about twice as likely as CIOs to stay put when there's a new governor, though that number does change depending on whether the governor's seat has changed parties. But whereas CISOs stay in the job 68 percent of the time when a new governor comes in, they only stay 57 percent of the time when a new CIO comes in.

We also found that the average tenure of a state CISO is three years and 10 months.

The longest-serving CISO we found was Agnes Kirk, who led cybersecurity for the state of Washington for 13 years, from 2005-2018. The shortest-serving CISO was Nicholas Andersen, who was in that role with the state of Vermont only nine months from December 2018 to August 2019.

Since this article was first published in the magazine, another state CISO has also left after about nine months: Ronald Buchanan of Washington.

2 of 4
Ben Miller Associate Editor of GT Data and Business

Ben Miller is the associate editor of data and business for Government Technology. His reporting experience includes breaking news, business, community features and technical subjects. He holds a Bachelor’s degree in journalism from the Reynolds School of Journalism at the University of Nevada, Reno, and lives in Sacramento, Calif.

Platforms & Programs