Cybersecurity a Big Part of All-Hazards Approach in Oklahoma

Newly hired director of emergency management, Mark Gower, brings to OEM a background in cybersecurity and a network of partners.

by Jim McKay / February 8, 2019
AP/Dominic Lipinski

Emergency managers take an all-hazards approach to preparation, including natural and man-made disasters and, in Oklahoma, that also includes cybersecurity.

Oklahoma Gov. Kevin Stitt recently named the state’s chief information security officer, Mark Gower, as its new director of emergency management, a hire that may reflect the current climate where cybersecurity is a necessity and may soon creep into the purview of more emergency managers.

Gower had been the CISO and state Cyber Command director since 2013. The previous eight years, he was information security officer, and emergency preparedness and response director for the Oklahoma Department of Human Services (DHS).

Including cybersecurity in preparedness and response is necessary to truly have an all-hazards approach in this day and age, Gower said. Emergency managers across the nation will, if they haven’t already, begin to adopt this as more of a focus because of its impact on government agencies and businesses alike.

The ability of government to be open and operational — whether it be to state or city partners or to the business community — is critical and if said government is impacted by a cyberevent, that inhibits that partnership.

“It’s incumbent upon us to have a common platform with everyone striving for the same end so we can all learn from each other and have an implementable strategy that includes response activities,” Gower said. “You’re going to see this adoption and growth across the nation because cyber just isn’t a focus of your IT operations. It really has a major business impact.”

Gower, just a few weeks into the job, hopes to extend his expertise on cyber to local emergency managers so that each can guide a response to cyberissues relating to infrastructure such as the federal government shutdown, or threat of one to water, power, gas or an attack on a 911 call system.

He said emergency managers possess the skill set to adapt to this type of response but need a layer of training to get up to speed.

“We hope to collaborate with our career techs, higher education and national partners to build a recognized training program so we can deliver that back to the locals, and we can hopefully build a citizen corps that gives those resources back to communities,” Gower said.

He said his time with DHS not only versed him on cyberthreats but also enabled him to develop the relationships throughout the state to build-on in his new role.

His preparation and response efforts with DHS were integrated with those efforts of the Office of Emergency Management, and some of his direct work experience focused on identifying vulnerable populations, such as hurricane evacuees, and delivering to them core services and supporting the overall state disaster response.

Gower said that while at DHS he built the state’s cyber command and was able to identify threats and risks for the more than 111 state agencies and the Executive Branch and developed maps and responses to those as well as aiding local school districts in developing cyber-responses.

“Because that topic rose to the fore, we needed to have a coordinated effort on how we deal with cyber-response. That way it’s not just a shallow bench, so to speak,” Gower said. “So we have some part of that already started [with OEM] from the state cyber-response plan.

Now we’re really going to focus not just on that plan itself but as it pertains to executive branch agencies,” he said.

He said the focus will be on critical infrastructure and services around the state that will be defined by local emergency managers as being critical to those local communities.