Colorado embraces holistic cybersecurity policy

Chief Information Officer Suma Nallapati describes how she’s working to foster cyber collaboration among state IT leaders.

With her state facing 8.4 million cyberattacks each day, Colorado Chief Information Officer Suma Nallapati thinks the time is right for state IT workers to incorporate security into every part of their jobs.

Nallapati said she’s spending the next few months leading a statewide review of the state’s infrastructure to see what areas need a refresh. But that kind of analysis can only go so far, she said. She’s working to foster a more collaborative mindset among state agency staffers.

“It’s not ‘If’ and ‘Or,’ it’s ‘You need to work together,’” Nallapati told StateScoop at the National Association of State Chief Information Officers’ annual conference in October. “Everybody is mandated to take the security training, and then, as part of our project governance, we make sure that security is a big, important task even before it goes through the gating process.”

Nallapati added that she has encouraged the state’s chief technology officer and chief information security officer to work together as well, to ensure that all of the state’s IT leaders are focused on security.

“You can’t embark on a technology strategy without the cybersecurity framework that should go along with it,” Nallapati said. “It’s citizens’ data and we need to be very respectful of that.