New Cybersecurity Center in Pennsylvania Aims to Help Fend Off Attacks
The Pennsylvania State Capitol in Harrisburg. Nathan Kresge / Shutterstock.com
Connecting state and local government leaders
Keystone State’s former CIO: “We’re trying to improve security awareness, information, specifically in the government space in state, county and local government.”
Charlie Gerhards sees the potential for cybersecurity threats everywhere, particularly at the state and local level, where most individuals either aren’t worried about attacks or simply don’t have the resources to prevent them.
But the Harrisburg University Government Technology Institute’s Security Center for Excellence co-director believes he’s seeing a wellspring of enthusiasm and interest from local leaders that gives him hope about getting governments around the country better prepared for the inevitable cyber attacks to come.
“We’re trying to improve security awareness, information, specifically in the government space in state, county and local government,” Gerhards, the former chief information officer of the Commonwealth of Pennsylvania, said in a recent interview with GovExec State & Local. “We all know that the number of cyber breaches are increasing and becoming more sophisticated. These breaches have a significant impact on businesses but also on governments—financially even politically.”
A recent study by National Association of State Chief Information Officers reflected Gerhards' concerns about cyber security at the state and local level, finding:
There are risks of breach, exposure and embarrassment. Governors must understand the degree to which their states are under daily cyber attack, the existing frameworks that governments have created to protect the state, and the gaps in their current resources.
Those concerns are supported by a 2012 Federal Emergency Management Agency study which concluded that “[c]yber security was the biggest area of concern for state and local governments with only 42 percent of officials believing their capabilities adequate enough to respond to such a threat and 45 percent of officials said they had no formal program to prevent or fend off an attack.”
Gerhards and others at the Security Center for Excellence say they plan to focus on two major levels: working with state and local governments to improve their approaches to cyber security threats and in testing new methods and technologies to combat these threats.
Gerhards said the center received a major boost both financially and logistically when it was announced that Unisys would be a major sponsor in the endeavor.
“Unisys had approached us and suggested that we consider a security center of excellence,” Gerhards said. “They offered some financial support to help get it going. Shortly thereafter a number of other companies including Cisco, IBM and Symantec heard about it and wanted to get involved.”
In addition to financial support, these organizations are offering their company resources and research to push forward the center’s goals.
Unisys, based in Blue Bell, Pennsylvania, has a long history of involvement in pursuing cybersecurity solutions with the Keystone State, so it made sense for the company to suggest and help sponsor the new center.
"As a leading provider of IT solutions to government agencies throughout Pennsylvania, we welcome the opportunity to assist the Commonwealth's education and innovation programs by providing technical expertise and financial support," Reed Laughlin, vice president of Unisys’ Commonwealth of Pennsylvania team, said in a statement announcing the project. "We appreciate the opportunity to play a role in this effort to enhance the skills and knowledge of government IT security professionals."
The center’s first public effort was to host a meeting of about 125 state and local officials. Representatives from the Department of Defense, the White House and KPMG joined the other organizations already involved in the Harrisburg venture.
“We start with a little awareness, bringing education to local officials, Gerhards said. “Not to scare them but it was an all star group of folks all saying this is a real challenge.”
“Just in the past two years the sophistication of these attacks has increased 25 percent. And unfortunately, there’s often a complete disconnect between people in government positions and their CIOs, who are much more aware of the threats.”
However, Gerhards also said he was impressed by the level of interest from attendees at the center’s first event in December. He said that as government leaders begin to collaborate more with their technology officers that they can then begin to formulate simple and cost effective plans to deal with potential threats.
Although the center’s primary focus will be on working with the commonwealth and local government agencies, Gerhards said he hopes to share innovations and new approaches with other government agencies and organizations around the country.
“This isn’t exclusive. If we can work with other organizations, that’s fine,” he said. “We want to share as much as we can and learn from others as much as we can. We aren’t looking to compete. We’re just looking to be a resource.”
(Top image by Nathan Kresge / Shutterstock.com)