(State of Missouri)
“Cybersecurity is a continuous journey, and with continued support via appropriated funds, we are committed to enhancing our tool sets to meet emerging challenges,” he said. “Our focus on advancing the use of artificial intelligence for both offensive and defensive measures is crucial, as is our preparation for the encryption challenges posed by quantum computing.”
Ivy said security is embedded throughout state operations, too.
“Complete protection cannot rest on a single tool or partner," he said, "we integrate security into every process, focusing on vital layers such as physical, perimeter, network, endpoint, application, data, identity and the human element.”
The division has previously highlighted identity and access management as part of its broader IT modernization efforts, aligning with those he described.
His team conducts regular assessments and tabletop exercises based on the National Institute of Standards and Technology frameworks to help identify and close gaps. They provide security awareness training, and they also share information about artificial intelligence and its role in social engineering. On top of that, they share cybersecurity intelligence with partners.
The division operates as a centralized IT provider for the executive branch, and the state legislature provides a dedicated cybersecurity budget. Ivy said that while the state uses some federally funded services, their overall impact has been limited.
He added that the layered security approach helps maintain protection even as no-cost services end, and staff continues to monitor federal developments that could influence state-level cyber programs. These include changes within the Cybersecurity and Infrastructure Security Agency organization as well as the State and Local Cybersecurity Grant Program.
Emphasizing relationships as a starting point for stronger cybersecurity, Ivy encouraged peers to engage with colleagues and stakeholders, and to "cultivate a culture of continuous improvement within your organization."
