ANNAPOLIS, Md. (WJZ) — Governor Larry Hogan signed an executive order Tuesday aimed at strengthening cybersecurity in Maryland, including a new entity solely to coordinate cybersecurity efforts.
The order creates the position of the Maryland Chief Information Security Officer and establishes the Office of Security Management and the Maryland Cybersecurity Coordinating Council.
“Security of Marylanders is at the forefront of our administration’s efforts on a day-to-day basis. In today’s world of emerging cyber threats, it is crucial that we work in unity to improve the processes and procedures designed to protect Marylanders and to manage and minimize the consequences of cyber events,” said Governor Hogan. “The steps we are taking today are about ensuring that Maryland’s infrastructure and citizens are as safe as possible from cyber attacks.”
The Maryland Chief Information Security Officer will lead the new office, within the Department of Information Technology.
That office will be responsible for the overall cybersecurity strategy and policy for all state agencies in the Executive Branch, Maryland Department of Information Technology said in a release Tuesday.
They will also lead the charge in updating the Maryland Cybersecurity Manuel to streamline and harmonize efforts among multiple different organizations to work toward a more unified front in cybersecurity.
The MCCC will work to give policy-level guidance on implementing the cybersecurity program as well as give recommendations to build and sustain the capabilities necessary for the state to identify, protect, detect, respond and recover from cybersecurity-related risk, MDIT said.
The MCCC will be made up of state officials in various agencies and departments throughout the state, the release said.
“It is essential that the state’s overall cybersecurity strategy and policy are in alignment with best practices and the latest federal standards and guidelines, such as the Federal Information Security Modernization Act (FISMA) and the National Institute of Standards and Technology (NIST) guidelines,” said John Evans, Maryland’s Chief Information Security Officer.