Hogan Executive Order Aims to Bolster Cybersecurity

Governor Larry Hogan today signed an executive order aimed at strengthening the State’s cybersecurity infrastructure. The Maryland Cyber Defense Initiative establishes a State Chief Information Security Officer, the Office of Security Management, and the Maryland Cybersecurity Coordinating Council.

“Security of Marylanders is at the forefront of our administration’s efforts on a day-to-day basis. In today’s world of emerging cyber threats, it is crucial that we work in unity to improve the processes and procedures designed to protect Marylanders and to manage and minimize the consequences of cyber events,” said Governor Hogan. “The steps we are taking today are about ensuring that Maryland’s infrastructure and citizens are as safe as possible from cyber attacks.”

According to a press release:

The Maryland Chief Information Security Officer will lead the Office of Security Management. The office, located within the Department of Information Technology, is responsible for the direction, coordination, and implementation of the overall cybersecurity strategy and policy for all state agencies in the Executive Branch. The SCISO and Office of Security Management will also lead the efforts of updating and disseminating the Maryland Cybersecurity Manual which will serve to direct and harmonize efforts among multiple organizations working towards unified cybersecurity goals.

“It is essential that the state’s overall cybersecurity strategy and policy are in alignment with best practices and the latest federal standards and guidelines, such as the Federal Information Security Modernization Act (FISMA) and the National Institute of Standards and Technology (NIST) guidelines,” said John Evans, Maryland’s Chief Information Security Officer.

The MCCC will provide policy-level guidance regarding the implementation of the cybersecurity program as well as work alongside internal and external stakeholders to provide recommendations to build and sustain the capabilities necessary for the state to identify, protect, detect, respond, and recover from cybersecurity-related risk. The MCCC will be comprised of state officials representing numerous agencies and departments throughout the state.

Read the full press release for more information.