The Case for IT Consolidation: Louisiana is saving millions and better guarding against security threats by centralizing its information technology.

• Author: Crisp, Elizabeth
• Position: INFORMATION TECHNOLOGY - Reprint

Three years after a major overhaul of the way the state controls its information technology systems, Louisiana is saving millions of dollars, and officials say that it's well positioned to protect information from security threats.

Efforts are underway to learn even more about cybersecurity threats and what more can be done.

"Right now, I think the state is in its best posture ever, and we're continuing to improve upon that," Dustin Glover, the chief information security officer in the state's Office of Technology Services, said in a recent interview.

Governor John Bel Edwards (D), through an executive order, created a 15-member "cybersecurity commission" to identify and mitigate the state's risks.

In announcing the group, Edwards said his goal was for the state to "continue our commitment to establishing cybersecurity capabilities and resources in order to adequately maintain the stability of public services while ensuring proper privacy and protection for the data that is entrusted to the state by our citizens."

Edwards has picked Craig Spohn, executive director of the Cyber Innovation Center in Bossier City, to lead the new commission. It will be staffed under the Louisiana National Guard.

Aside from monitoring the state's security measures, part of the council's charge is to foster cybersecurity education programs, research and jobs.

Louisiana leaders say the state is always vulnerable to cyberattacks that aim to breach or damage computers and networks. In addition to potentially costing the state money, those threats also pose privacy risks for residents.

"It's always going to be a target," Glover said.

Representative Barry Ivey (R), who often totes an iPad around the state Capitol, sponsored legislation last year requiring an overview of Louisiana's current cybersecurity measures and other information technology issues. He's on the National Conference of State Legislatures' task force on cybersecurity.

He said he doesn't have legislation in mind just yet, but he hopes that the report due to the Legislature next month will help identify areas where improvements can be made.

"It will help us understand where we truly are vulnerable and assess whether additional funding is needed and where the most critical needs are," Ivey said. "Understanding where the big holes are could help us prioritize the spending."

He said he worries because most breaches exploit vulnerabilities. Without knowing those potential entry points, the state is less...