Recap of the 2022 State Cyber ​​Summit from Kansas and Michigan

Last week saw cyber summits in Michigan and Kansas, and hot topics ranged from workforce development to ransomware to growing global cyber threats. Here’s an overview.

October 30, 2022 •

Dan Lohrmann

Michigan Cyber ​​Summit Keynote. Seated from right to left: Jen Easterly, Director of CISA; Laura Clark, Michigan CIO; US Senator Gary Peters (D-MI)

Last week I was in Wichita, Canada as an invited keynote speaker at their inaugural Kansas Cyber ​​Summit 2022, a packed event that reached capacity. Organized by the Kansas Information Security Administration, this Government Cyber ​​Summit brought together stakeholders from across Kansas: K-12 schools, universities, and state and local governments.

The program included a wonderful opening speech by Chief Information Technology Officer (CITO) DeAngelo Burns-Wallace. I say “amazing” because she is a wonderful speaker who is motivational and very knowledgeable about the importance of cybersecurity and its many potential business impacts on government and society at large. I can say without hesitation that Burns-Wallace understands cybersecurity better than most IT directors, CTOs or other government-level executives around the world.

The title of the presentation by Dr. Burns-Wallace, who also serves as Kansas’ secretary of administration, was “Cyber ​​Threats to the State and the Opportunities We Have.” Using big data, she outlined the rise in cyberattacks against governments, the new cyber threats we face at all levels of government and education, workforce development challenges in attracting and retaining talent in Kansas, and above all, the need to get mid- to long-term solutions.
The day’s events were led by Jeff Maxon, who is the Kansas CISO and one of the top government CISOs in the country. Learn more about him in this blog interview. Jeff did an excellent job of including all sectors of the audience and engaged in frequent discussions on a wide range of topics and audience questions.
In addition to interacting with the audience during my own keynote covering real ransomware stories from around the world taken from my book Cyber ​​Mayday and the day afterI really enjoyed the session on:
The workforce development theme was unique in that it highlighted the excellent work being led by Sharmelle Winsett at KC Scholars. There are many programs in Missouri and Kansas that will help grow the cybersecurity workforce in a variety of ways.
According to their website, KC Scholars:

  • More than 3,000 traditional 11th grade scholarships awarded, enabling students to pursue a college education with little or no debt.
  • It has provided nearly 1,000 adult student scholarships for high school graduates to return to college and complete their degree.
  • More than 1,000 high school students have been awarded the KC Scholars’ College Savings Match, which helps them actively save for their college future while learning financial literacy.
One highlight of the discussion on cyber resources was led by Karen Sorady, who is MS-ISAC’s Vice President of Member Engagement and former New York State CISO. Karen did a great job of going through all of the free resources that the Multi-State Information Sharing and Analysis Center (MS-ISAC) has to offer, some of which I have outlined in previous blogs, such as the mentoring program and networking opportunities for state and local governments.
Michigan Cyber ​​​​Summit has been one of the most important events in the field of cyber security for more than a decade, and this year did not disappoint. The first Michigan Cyber ​​Summit in 2011 featured speakers such as former Governor Rick Snyder; US Homeland Security Secretary Janet Napolitano; Howard Schmidt, White House Cybersecurity Coordinator and Special Assistant to the President; and U.S. Reps. John Dingell, Mike Rogers, and Hansen Clarke.
As a Michigan CSO, I wrote about being “behind the scenes” of this event in October 2011 and you can read about it here.
This year’s Michigan Cyber ​​Summit was once again sold out, and the event had an amazing lineup of speakers from across the country on a wide variety of topics. The program details these key notes. Here is just a small sample of the sessions:

Chat by the fireplace – Join our experts for a fireside chat to touch on the hottest topics in the cybersecurity ecosystem. The discussion will cover the latest issues, threats and news in cyber security protection. Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency; Laura Clark, Chief Information Officer, Michigan Department of Technology, Management and Budget. (Note: US Senator Gary Peters (D-MI) also attended this session as a special guest.

  • Panel Discussion: Automotive IoT – Conversations on Connectivity and the Cybersecurity Ecosystem in Michigan. Not since the days of Henry Ford has the automotive industry experienced such sweeping and dynamic changes. The development of connected and automated cars, intelligent infrastructure, and advances in artificial intelligence and machine learning have placed cybersecurity at the center of the future mobility movement. Pioneering the new digital era, this panel of cyber mobility professionals tackles challenging topics such as automotive cyber security, smart cyber policy making, automotive cyber crime and preparing the next generation of cyber workforce while recognizing the value of hackers.

Moderator: Jennifer Tisdale, CEO of GRIMM

  • Panelists: Kelly Bartlett, Connected and Automated Vehicle Specialist, Michigan Department of Transportation; Kristie Pfosi, executive director of product cybersecurity, Aptiv; Ronald Kraus, Cyber ​​Specialist, Michigan State Police; Samir Tout, Ph.D., Professor, Information Security and Applied Computing, Eastern Michigan University/GameAbove College of Engineering and Technology
  • Selected speaker – Chris DeRusha, Federal Director of Information Security, Office of Management and Budget and Deputy National Director for Federal Cyber ​​Security, Office of the National Cyber ​​​​Director

  • Panel Discussion: Collaborating to Transform Cyber ​​Security Discussion with state and local CIO leaders on the hottest topics at the forefront of cybersecurity. Topics will include the cybersecurity workforce and how to attract, train and retain talent. The importance of cross-state and regional collaboration in defining best practices and providing funding opportunities to partners. How CIOs manage and balance ever-evolving risk as well as respond to threat activity and cyber breaches will also be discussed.
    Moderator: Doug Robinson, Executive Director, National Association of State Chief Information Officers
  • Panelists: Tracy Barnes, Chief Information Officer, State of Indiana; Laura Clark, Chief Information Officer, Michigan Department of Technology, Management and Budget; Katrina Flory, State Chief Information Officer/Assistant Director, Ohio State; Hector Roman, Chief Information Officer, Wayne County; Joshua Spence, Chief Information Officer, West Virginia Office of Technology; Art Thompson, Chief Information Officer, City of Detroit

There were many highlights from the Cyber ​​Summit sessions throughout the day, but here are a few of my key takeaways:

  • Election security remains a top priority, and states and CISA are working harder than ever to protect your vote, address insider threats, and address misinformation around elections. These rumors and reality websites can help from CISA. Also see the CISA Shields Up website on cyber threats.
  • Cybersecurity is primarily a people issue and many individual aspects need to be addressed. Everyone needs to get involved in Cyber ​​Security Month and throughout the year. We need a “Neighborhood Watch” for cybernetics.
  • Cyber ​​tools and capabilities are evolving rapidly, threats are growing globally, including nation-state threats from Russia and China.
  • We all need to provide feedback to CISA, NIST, and DHS.

From state and local CIOs:

  • Cyberspace workforce development is a top priority.
  • The Ohio Government team is hiring layoffs from other Ohio tech companies.
  • Many states are removing degree requirements for good cyber jobs.
  • There is not a high level of confidence in the overall level of cyber defenses at the state or local level.
  • “Cyber ​​is not a problem to be solved, but a risk to be managed,” said Josh Spence, West Virginia CIO.
  • The challenges of replacing legacy technologies remain enormous.
  • ID management is a big deal.
  • Tracy Barnes, Indiana CIO: “Process improvement helps with cyber tools and turnaround by ensuring continuity in uncertain times.”
  • New large-scale attacks and cyber incidents need to be addressed with statewide cyber tabletop exercises, said Laura Clark, CIO and CISO of Michigan.
  • Art Thompson, CIO for Detroit, is very pleased with the intergovernmental coordination and partnership in Michigan.

FINAL THOUGHTS

It’s been a whirlwind week for me, but it’s been great making new friends in Kansas and reconnecting with long-time friends in Michigan from different industries.

I think Kansas is well on its way to creating many new successes that intersect with the strengths of agencies and government, and it will be amazing to see where they are in a decade.

And in every state, the upcoming election will have a major impact on technology and security programs, with people continuing to offer the greatest opportunity for success and failure.

Dan Lohrmann

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker, and author.

View more stories by Dan Lohrmann

*** This is a Security Bloggers Network syndicated blog by Lohrmann on Cybersecurity, written by Lohrmann on Cybersecurity. Read the original post at: https://www.govtech.com/blogs/lohrmann-on-cybersecurity/2022-state-cyber-summit-recaps-from-kansas-and-michigan

Source

Leave a Comment