Managing Insider Security Risks

Consolidating IT and centralizing management contribute to workplace stress.

by / December 28, 2008

What's the human factor when CIOs are asked to do more with less? Typically the focus is on technology and IT management when government IT executives try to capitalize on automation as budgets stagnate or shrink. But little is said about the human cost of making fewer workers take on more work, as so many are asked to do now.

Unfortunately when CIOs are under pressure to cut and consolidate, the IT worker's job can become more stressful, as our cover story points out. Less clear is the relationship between the rise in job-related stress and the increase in insider threats that have occurred. Much has been said about what Terry Childs, the rogue network administrator, did when he locked down San Francisco's city and county data networks last July. However, few clues have emerged as to why he did it. Stress? Anger? Frustration? Or just malevolence? We'll have to wait and see.

But as Hilton Collins' article points out, CIOs shouldn't wait to find out if they have a ticking time bomb hidden among their staff. Ken Theis, Michigan's IT director and CIO, has witnessed plenty of worker problems as his state has gone through the wrenching business of consolidating IT and centralizing management of systems and workers. As he points out, CIOs need to mix empathy with communication, while exploiting the situation to introduce innovative solutions. The results can go a long way toward ameliorating what could be an explosive situation in the workplace.

Along with our investigation of tension in the IT workplace, Jackie Gilbert of SailPoint Technologies has contributed an insightful series of recommendations on how to reduce your vulnerability to insider threats. Her article identifies the four most common areas of risk exposure in an organization and what CIOs can do to manage their risk to insider problems.

The December-January issue of Public CIO also pays tribute to the Information Resources Management College (IRMC), which turns 20 years old this year. Considered the first "college" dedicated to government IT, the IRMC has evolved into a top-tier training school for future CIOs, whether they work in federal, state or local government, or even overseas.

Finally I'd like to point out that we've launched a new department within the magazine. CIO Central combines news, book reviews and career information concerning the public CIO community. And for more up-to-date information, be sure to check our Web site.

Have a safe and prosperous 2009.

Tod Newcombe, Editor Editor, Public CIO