Mississippi Lawmakers Approve $3 Million Cybersecurity Operations Center to Centralize IT Services
Mississippi is poised to establish its first cybersecurity operations center (SOC), a significant move in response to the escalating digital threats targeting state governments. This initiative, awaiting the signature of Governor Tate Reeves, reflects a growing recognition among lawmakers of the urgent need for enhanced cybersecurity measures.
Legislative Approval and Funding
Both chambers of the Mississippi legislature recently passed a bill aimed at creating the SOC within the Department of Information Technology Services (ITS). This legislation is designed to serve as a centralized hub for cybersecurity efforts, akin to operations centers in other states. According to a conference committee report, the SOC will function as “an operational arm of statewide cybersecurity” and will facilitate the influx of new cybersecurity talent into the state.
Craig Orgeron, the state’s chief information officer and head of ITS, emphasized the importance of this development. He stated that the SOC represents a “significant step forward” in safeguarding Mississippi’s citizens and infrastructure from cyber threats. Orgeron expressed gratitude to the governor and legislature, highlighting the collaborative effort to create a robust framework for detecting, responding to, and recovering from cyber incidents.
Addressing Cybersecurity Threats
Rep. Bart Williams, a Republican co-sponsor of the bill, underscored the critical nature of cybersecurity, labeling it as potentially “one of the biggest threats our state faces.” He noted that the establishment of the SOC was not a matter of debate but rather a question of its location. The estimated cost for the center is approximately $3 million, with Williams advocating for its placement under the state’s technology department to avoid redundancy. “We don’t need two or three SOCs. This would be a single one,” he asserted.
The urgency surrounding the organization of IT in Mississippi has gained traction among state leaders. A separate bill proposed by state Sen. Scott DeLano aimed to create a new department specifically for cybersecurity. However, concerns about overlapping responsibilities with ITS led to its demise in committee. The SOC may provide a more effective solution for coordinating responses to rapidly evolving digital threats.
Centralizing IT Services
In addition to the SOC, Governor Reeves has approved the Mississippi IT Optimization Act, which seeks to centralize the administration of various state services and reduce redundant contracts across multiple agencies. This legislation mandates a council of agency CIOs to advise ITS on minimizing duplicative services and establishing standards for state technology systems. Williams estimated that consolidating 31 Microsoft email licenses could save the state up to $2 million.
Despite the potential benefits of the IT consolidation bill, skepticism remains. Sen. Hob Bryan, a veteran Democrat in the state legislature, expressed doubts about the bill’s success, citing previous failures in IT procurement. Williams acknowledged hearing “horror stories” from agencies struggling with technology procurement but emphasized the need for a centralized approach. Orgeron concurred, stating that the current framework allows for the elimination of duplication and modernization of systems.
Data Sharing Initiatives
Mississippi is also working to improve data sharing among its agencies. A bill approved last year directed ITS to explore the creation of a “statewide data exchange.” To assist with this initiative, ITS contracted Gartner Consulting to analyze the current state of data integration among agencies. Usman Tareen, a managing partner at Gartner, reported that while Mississippi excels in data security, the existing protectionist measures have led to data silos. He noted that while there is point-to-point data integration, it often results in the replication of data rather than facilitating fluid data movement.
Governance and Oversight Challenges
Despite ITS’s pivotal role in cybersecurity, service centralization, and data sharing, the position of Mississippi’s CIO does not hold Cabinet-level status, which limits direct access to the governor. A bill aimed at elevating the CIO role was recently rejected in committee. DeLano, the bill’s sponsor, had advocated for this change, citing the need for the state’s top technology official to be present in agency head meetings to ensure effective management of technology issues.
The establishment of the SOC and the accompanying legislative measures represent a concerted effort by Mississippi lawmakers to bolster the state’s cybersecurity posture and streamline its IT services. As digital threats continue to evolve, the effectiveness of these initiatives will be closely monitored.
According to publicly available statescoop.com reporting, Mississippi’s approach to cybersecurity and IT centralization may serve as a model for other states grappling with similar challenges.
For the latest cybersecurity developments, threat intelligence and breaking updates from across the Middle East: Middle East
