IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

North Carolina CIO James Weaver Names State Chief Risk Officer

With more than 23 years of IT leadership experience in North Carolina, Rob Main will work with CIO James Weaver to reinforce the state's cybersecurity programs and infrastructure as the state's new chief risk officer.

information security_shutterstock_85035682
Yesterday afternoon, North Carolina CIO James Weaver named Rob Main state chief risk officer, adding to the state’s Department of Information Technology leadership team.

In June, Main was named interim state chief risk officer after serving as deputy state chief risk officer for two years.

In his newly minted role, he will develop, deliver and maintain cybersecurity programs that safeguard North Carolina’s information and support infrastructure.

"I am looking forward to the opportunity to strengthen our partnerships with state agencies, local governments and academic institutions in providing enterprise security and risk management capabilities in the right place at the right time," Main said via email.

He also expressed his plans to address three key concepts as chief risk officer.

The first concept is strengthening the whole-of-state approach to cybersecurity by continuing to build upon the work of the Joint Cybersecurity Task Force in providing proactive and reactive defense capabilities.

The second concept involves increasing the cyber maturity of the state by aligning strategies to strategic business plans and promoting inclusive and innovative education programs to broaden the talent pool of current or emerging cybersecurity practitioners.

The third concept is integrating next-generation capabilities across the enterprise.

In addition to these areas, Main also shared how he plans to tackle the state's growing resource gap.

Currently, there are more than 17,000 cyber-related positions open in the public and private sectors across North Carolina, according to Cyber Seek.

"To meet the demands of increasing cyber threats to state and local governments, we need to think outside of the box in developing a cyber pathway for North Carolina to educate, develop and train those wishing to enter into public-sector cybersecurity positions," he said.

As for working with the NCDIT team to make these goals a reality, Main said, "It all starts with relationships and trust. Too often, a security function in public- or private-sector agencies is looked upon as an obstacle. I will endeavor to help those I support work toward mutually acceptable solutions that manage risk at an appropriate level."

Prior to being deputy state chief risk officer, Main served as the chief information officer for the North Carolina Department of Military and Veteran Affairs, the Office of State Human Resources and the Department of Insurance.

He also served 25 years in the military — first, on active duty with the U.S. Air Force as a communications and computer systems programmer and then with the Air National Guard as a logistics readiness officer from August 1998 until his military retirement in April 2015.
Katya Maruri is a staff writer for Government Technology. She has a bachelor’s degree in journalism and a master’s degree in global strategic communications from Florida International University.