government security

Maryland strengthens statewide cybersecurity

To reinforce Maryland's cybersecurity infrastructure, Gov. Larry Hogan signed an executive order creating a chief information security officer position and establishing the Office of Security Management and the Maryland Cybersecurity Coordinating Council (MCCC).

The move is intended to strengthen the state’s cybersecurity posture and prepare it to manage the consequences of a cybersecurity incident. It comes as the city of Baltimore enters its sixth week with a computer system crippled by ransomware. The attack has also affected Baltimore County systems that validate sewer charges. City and county officials said they are unable to verify sewer charges that will appear in 14,000 residents' annual tax bills, according to a report in the Baltimore Sun.

“In today’s world of emerging cyber threats, it is crucial that we work in unity to improve the processes and procedures designed to protect Marylanders and to manage and minimize the consequences of cyber events,” said Gov. Hogan said. “The steps we are taking today are about ensuring that Maryland’s infrastructure and citizens are as safe as possible from cyber attacks.”

The Office of Security Management will be responsible for the "direction, coordination, and implementation of the overall cybersecurity strategy and policy" for executive agencies,  according to the executive order, which also calls for the new office to manage security-awareness training for employees, develop data standards to reduce risk and assist with the development of a digital identity specification that can be used by people conducting business with the state. 

The MCCC will provide policy-level guidance for cybersecurity programs and provide recommendations to help the state to "identify, protect, detect, respond, and recover from cybersecurity-related incidents."  The council will be composed of officials representing 10 state agencies, including the Departments of Budget and Management, Human Services, Public Safety and Correctional Services, Transportation and Emergency Management.

Hogan appointed John Evans as the state's first CISO. Evans will lead the Office of Security Management. He was previously the CISO at the state's Department of Information Technology.

The Office of Security Management, the MCCC and the CISO will be the "driving force" behind the Maryland Cyber Defense Initiative also established in the executive order, officials said.

About the Author

Susan Miller is executive editor at GCN.

Over a career spent in tech media, Miller has worked in editorial, print production and online, starting on the copy desk at IDG’s ComputerWorld, moving to print production for Federal Computer Week and later helping launch websites and email newsletter delivery for FCW. After a turn at Virginia’s Center for Innovative Technology, where she worked to promote technology-based economic development, she rejoined what was to become 1105 Media in 2004, eventually managing content and production for all the company's government-focused websites. Miller shifted back to editorial in 2012, when she began working with GCN.

Miller has a BA and MA from West Chester University and did Ph.D. work in English at the University of Delaware.

Connect with Susan at smiller@gcn.com or @sjaymiller.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.