HomeMichigan2022 State Cyber Summit summarizes the state of Kansas and Michigan
2022 State Cyber Summit summarizes the state of Kansas and Michigan
October 30, 2022
Table of Contents
Cyber Summits were held last week in Michigan and Kansas, with hot topics ranging from workforce development, ransomware, and rising global cyber threats. Here is the summary.
October 30, 2022 •
I was in Wichita, Kan. last week as an invited keynote speaker at the inaugural Kansas Cyber Summit 2022, which was packed to the brim with a hit-and-miss event. This government cyber summit was organized by the Kansas Information Security Bureau and brought together stakeholders from all over the state of Kansas: elementary schools, universities, and state and local governments.
The program included an amazing inaugural speech by Chief Information Technology Officer (CITO) DeAngela Burns-Wallace. I say “amazing” because she is a great speaker who is motivating and very knowledgeable about the importance of cybersecurity and its many potential business implications for government and society. I have no hesitation in saying that Burns-Wallace has a better understanding of cybersecurity than most CIOs, CIOs, and other cabinet directors around the world in the public and private sectors.
The title of Dr. Burns-Wallace’s presentation, who also serves as Secretary of the Kansas State Administration, was “Cyber Threats to the State and the Opportunities We Have.” Using a large amount of data, she presented a wave of cyber attacks on governments, new cyber threats facing all levels of government and education, the workforce development challenges of attracting and retaining talent in Kansas, and most of all the need to find a solution that is appropriate for medium and long term.
The events of the day were led by Jeff Maxon, who is the CISO in Kansas and one of the leading CISOs in the government in the country. You can find out more about him in this blog interview. Jeff did an excellent job of including all sectors with the audience and engaging in frequent discussions on a wide range of topics and audience questions.
In addition to interacting with the audience during my own speech covering real ransomware stories from around the world taken from my book Cyber Mayday and the day after tomorrowI really enjoyed the sessions on:
The topic of workforce development was unique as it highlighted the outstanding work carried out by Sharmelle Winsett at KC Scholars. There are many programs in Missouri and Kansas that can help you increase your cybersecurity workforce in a variety of ways.
According to their website, KC Scholars:
More than 3,000 traditional 11th grade scholarships have been awarded, enabling students to pursue university education with little or no debt.
Provided nearly 1,000 adult scholarships for high school graduates to return to college and complete their studies.
Given over 1,000 high school students, the KC Scholars’ College Savings Match, which helps them actively save for their college future while learning financial skills.
One of the most important discussions about cyber assets was led by Karen Sorady, who is vice president of MS-ISAC member engagement and former New York State CISO. Karen did a great job reviewing all the free resources offered by the Multistate Information Sharing and Analysis Center (MS-ISAC), some of which I have posted on previous blogs, such as the mentoring program and networking opportunities by state and local authorities.
The Michigan Cyber Summit has been the most important annual cybersecurity event for over a decade, and this year has not disappointed. Speakers such as former Governor Rick Snyder attended the first Michigan Cyber Summit in 2011; US Department of Homeland Security Secretary Janet Napolitano; Howard Schmidt, White House Cybersecurity Coordinator and Special Assistant to the President; and US Representatives John Dingell, Mike Rogers and Hansen Clarke.
As the CSO of Michigan at the time, I wrote about being behind the scenes at this event in October 2011, which you can read about here.
This year’s Michigan Cyber Summit sold out again and the event had an amazing line-up of speakers from across the country covering a wide variety of topics. The program details these guiding ideas in detail. Here is just a small sample of the session:
Chat by the fireplace – Join our fireside chat experts to cover the hottest topics in the cybersecurity ecosystem. The discussion will cover the latest issues, threats and innovations in cybersecurity protection. Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency; Laura Clark, Director of Information, Michigan Department of Technology, Management and Budget. (Note: US Senator Gary Peters (D-MI) also joined this session as a special guest.
Panel Discussion: Automotive IoT – Interview on connectivity and the cybersecurity ecosystem in Michigan. The automotive industry has not experienced such tremendous and dynamic changes since the days of Henry Ford. The evolution of connected and automated cars, intelligent infrastructure, and the development of artificial intelligence and machine learning have placed cybersecurity at the heart of the future mobility movement. This panel of cybermobility specialists is pioneering the new digital age and tackles challenging topics such as automotive cybersecurity, intelligent cybersecurity policymaking, automotive cybercrime and preparing the next generation of cyberspace workforce while recognizing the value of hackers.
Moderator: Jennifer Tisdale, CEO, GRIMM
Panelists: Kelly Bartlett, Connected and Automated Vehicle Officer, Michigan Department of Transportation; Kristie Pfosi, Executive Director of Product Cybersecurity, Aptiv; Ronald Kraus, Cybernetics Officer, Michigan State Police; Dr. Samir Tout, Professor of Information Security and Applied Computer Science, Eastern Michigan University / GameAbove College of Engineering and Technology
Featured speaker – Chris DeRusha, Federal Director of Information Security, Office of Management and Budget and Deputy National Director of Federal Cybersecurity for Cybersecurity, Office of the National Director of Cybernetics
Panel discussion: Working together to transform cybersecurity Discuss the hottest topics at the forefront of cybersecurity with state and local information officers. Topics will include cybersecurity personnel and how talent is acquired, trained and retained. The importance of working together across the state and region to identify best practice and provide funding partnership opportunities. It will also discuss insight into how CIOs manage and balance evolving risk, and respond to cyber threats and disruptions. Moderator: Doug Robinson, Executive Director, National Association of Leading State IT Professionals
Panelists: Tracy Barnes, Chief Information Officer, Indiana; Laura Clark, Chief Information Officer, Michigan Department of Technology, Management and Budget; Katrina Flory, state chief information officer / associate director, Ohio; Hector Roman, Chief Information Officer, County Wayne; Joshua Spence, director of information for the West Virginia Office of Technology; Art Thompson, Director of Information, City of Detroit
There were many highlights from the Cyber Summit sessions during the day, but here are some of my highlights:
Election security remains a top priority, and states and CISA are working harder than ever to protect your vote, deal with confidential threats, and address the disinformation that accompanies elections. This rumor and reality site can help CISA. See also the CISA Shields Up website dedicated to cyber threats.
Cybersecurity is primarily a human issue, with many individual aspects that need to be addressed. Everyone must attend Cybersecurity Awareness Month and all year round. We need a “neighborhood watch” for cyber.
Cyber tools and capabilities are evolving rapidly and threats are increasing worldwide, including threats to nation states from Russia and China.
We all need to provide feedback to CISA, NIST and DHS.
From state and local CIOs:
The highest priority is the development of the workforce in cyberspace.
The Ohio government team hires redundant workers from other tech companies in Ohio.
Many states remove step-by-step requirements for good cyberspace work.
There is no high level of confidence in the overall level of cyber defense at the state or local level.
“Cyber is not a problem that can be solved, but a risk that must be managed,” said Josh Spence, CIO in West Virginia.
The challenges of replacing older technologies remain enormous.
ID management is a big deal.
From Tracy Barnes, CIO in Indiana: “Process improvements help cyber-tools and rotation, ensuring continuity in uncertain times.”
New large-scale attacks and cyber incidents must be addressed through state-of-the-art cyber exercises, said Laura Clark, CIO and CISO in Michigan.
Art Thompson, CIO in Detroit, is very pleased with the intergovernmental coordination and partnership in Michigan.
It’s been a tumultuous week for me, but it was great to meet new friends in Kansas and reconnect with longtime Michigan friends from a variety of industries.
I think Kansas is on track to create a lot of new successes that transcend agency and government silos, and it will be amazing to see where they are in a decade.
In all states, the upcoming elections will have a big impact on technology and security programs, and people will continue to offer the best chance of success and failure.
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker, and author.
See more articles by Dan Lohrmann
*** This is the Lohrmann Security Bloggers Network syndicated blog on cybersecurity by Lohrmann on cybersecurity. Read the original post at: https://www.govtech.com/blogs/lohrmann-on-cybersecurity/2022-state-cyber-summit-recaps-from-kansas-and-michigan