Maryland Adds Directors of State, Local Cybersecurity

Maryland added two new high-level cyber roles to the roster, appointing a director of state cybersecurity and director of local cybersecurity, the governor’s office announced. Both positions are housed in the IT department and report to the state CISO.

Former Howard County CISO John Bruns will be taking up the director of state cybersecurity post, while the director of local cybersecurity position goes to emergency management specialist Netta Squires, Esq.

“Maryland is the cyber capital of America, and these two extremely qualified individuals will help continue that leadership and build on the incredible progress we have made to protect our state’s critical infrastructure,” said Gov. Larry Hogan in a press release statement.

This announcement comes at a time when states are increasingly seeing cybersecurity as a job that’s bigger than the CISO alone and adding new posts. Indiana added a cybersecurity program director role in 2017, for example, while this year saw Ohio establish a cybersecurity strategic adviser position and New York hire a chief cyber officer.

DIRECTOR OF STATE CYBERSECURITY

Maryland’s director of state cybersecurity will work with executive branch agencies to safeguard and “solidify” their IT systems and data, per the release. The director will also collaborate with the state CISO on “developing and maintaining information technology security policy and guidance that is standardized across all state agencies.”

Bruns comes to the post with “over 15 years of experience developing, managing and delivering mission-critical IT security, application and infrastructure projects for government and corporate clients,” according to the press release. That experience includes developing cybersecurity strategies and policies for Howard County and working with other officials to implement detection, prevention and response efforts across county infrastructure.

DIRECTOR OF LOCAL CYBERSECURITY

On the local front, Squires will collaborate with the state Department of Emergency Management to boost cyber preparedness among counties and municipalities and provide other assistance.

Squires’ background appears to position her well for this collaboration: It includes both more than 14 years in emergency management and incident response, plus nearly eight years “specific[ly]” in cybersecurity, the release states. Earlier roles include serving as emergency management specialist for the Montgomery County Office of Emergency Management and Homeland Security.

Squires is also a certified emergency manager (CEM) by the International Association of Emergency Managers and holds a Masters of Science in Law in Cybersecurity and a Juris Doctorate.

Another of her key responsibilities as director will be helping distribute federal cyber money to localities. Specifically, Squires will work with the governor’s Subcabinet on Infrastructure to help administer local cyber funding provided under the Infrastructure Investment and Jobs Act (IIJA). All eyes have turned recently to the State and Local Cybersecurity Grant Program, after the Department of Homeland Security released the Notice of Funding Opportunity last month.