Private Sector to the Rescue
Michigan Chief Technology Officer Dan Lohrmann seems enthused by last week's creation of a private-sector cybersecurity alliance that should benefit cash-strapped strapped local and state government struggling to finance their cybersecurity initiatives.
The alliance, led by Lockheed Martin, includes members APC by Schneider Electric, CA, Cisco, Dell, EMC and its RSA security division, HP, Intel, Juniper Networks, McAfee, Microsoft, NetApp, Symantec and VMware. The announcement coincided with Lockheed Martin's opening of its NexGen Cyber Innovation and Technology Center in Gaithersburg, Md.
According to Lockheed Martin, the alliance will engage in customer-focused test scenarios, experiment and end-to-end systems integration pilots.
In his blog, Lohrmann, who served as the state's chief information security officer until his promotion earlier this year, wrote:
"These types of technology alliances are essential to address our growing threats in cyberspace. The 'bad guys' continue to get better, and state and local governments have few if any dollars to invest in testing and research to properly secure new virtualization and cloud computing security challenges. Governments need the private sector to step up and offer these types of test beds.
"As we move forward, issues around identity management, end-to-end trust and cloud security will need to be tested in complex scenarios that state and local government networks will simply not be able to simulate properly. This alliance is a great step towards offering integrated solutions that governments can buy off the shelf."
Though Michigan's economy is reeling, the state is holding it's own in securing its IT assets, Lohrmann said in an interview with GovInfoSecurity.com in June:
"Even though the economy has been very hard, our government has centralized all of IT into one department. We have taken $100 million out of our annual spend in IT. We have gone down from about $500 million to about $400 million a year.
Much of the savings came from consolidating 38 data centers to three.
"We have been fairly fortunate and we have made the business case for security to enable better processes with the reduced amount of IT spend that we do have. So overall we spend about 2 percent of our IT budget on security, which is up from about 1 percent five years ago.
Why has the proportion of the IT budget on security risen? I asked.
"We made the business case that we need. The threat environment has changed so dramatically. We are seeing more malware than ever before, more attacks than ever before, a greater need to protect information, more compliance regulation than we've had. We've had more laws around data, more requirements and there are more expectations. People have more and more mobile devices.
"We have been able to make a good strong case for security in Michigan and build a good, strong team. I certainly would love to have more money than what we have right now, but I think we have done fairly well in a very, very difficult budget environment.
And, in lieu of more money, Lohrmann hopes the work the alliance conducts will benefit governments like Michigan, where every dollar is a precious resource.