The governor also appointed a chief information architect, Jeff Sherrard, to build an enterprise system that will support Rinerson's efforts. "We are doing a framework to migrate everyone to some sort of common policies from an enterprise point of view," Rinerson explained. He admitted it will be the culture of agencies and departments, rather than the technology, that will be most challenging.
"When you try to institute an enterprise viewpoint with 22 different departments," he said, "it's more of a collaborative process -- consensus building -- than a 'You will do this.'" The first step, according to Rinerson, is the formation of the Colorado Information Security Task Force with membership drawn from chief information officers of each of the state's departments. In addition, Rinerson is forming a Critical Infrastructure Protection Committee that will align its priorities with the 13 sectors identified by the federal infrastructure board.
Rinerson believes the fact that Colorado Springs is home to the Northern Command is a real advantage that can be leveraged by the state and then passed along to other states. At the same time, the plan is to reach out to local governments. "Counties in the West have a lot of power," he commented. "We are trying to be inclusive in the collaborative model for those who want to participate."
One tool is already in place. The state's Multi Use Network was constructed before 9-11 as a digital divide project and is nearly finished -- linking even rural communities with fiber that can be used the state's homeland defense efforts. Rinerson said that his office will seek "voluntary compliance" with security standards from communities willing to participate. Qwest runs the network for the state.
Asked about the current process of the state delivering federal homeland security funds to local governments, Rinerson said it makes sense, in part, because central distribution might encourage more uniformity and fewer technology "silos."
"The state has to run the standards," he said. "The state is the honest broker in the process." Rinerson expressed this opinion just one day after hundreds of U.S. mayors met in Denver and expressed almost unanimous displeasure with the homeland security funding process that allows states to keep up to 15 percent of the total local grants.
Colorado's security program is quickly moving from paper to reality with groups already in place within an organized structure. Rinerson said the state's top three priorities for infrastructure protection have been identified, and others will follow. "We broke the state into regions, and in each region there is a task force that pays attention to the critical infrastructure," he explained. "They are locals, and they know exactly what to look for." Rinerson declined to name any of the state's priorities for protection under the new program.
Rinerson spent four years as a systems integrator at the Pentagon and, consequently, intends to leverage federal resources as Colorado's security plan matures. He was a career officer with the Army and moved to Denver as Inspector General. He also serves as CIO for the state's Army National Guard. It is this experience with his developed network of resources in the federal sector that Rinerson hopes will help him make Colorado a national leader in the homeland security effort. "I think we are on the forefront in integration from a DoD perspective," he said. He anticipates having the strategic plan in operation as early as this fall.
"We want to institutionalize information security for the state of Colorado," he said. "First, for the internal stake holders and, second, the external assets."
In his role as security chief, Rinerson reports to CIO Leroy Williams in the state's Office of Innovation and Technology.
