Cybersecurity ‘baked in’ as Va. transforms its IT, state tech chief says

Virginia is centralizing and consolidating its IT infrastructure — while incorporating cybersecurity from the get-go — as its contract for Northrop Grumman to oversee all its systems nears expiration .

Steve Radabaugh, the state’s director of technology services, told StateScoop in a video interview at the National Association of State Technology Directors’ Annual Conference that the state has “come a long way” in consolidating and transforming its IT infrastructure. Now, as the state prepares to move to a multi-supplier approach for its technology platforms, Radabaugh said the consolidation efforts have increased the tech agency’s cybersecurity posture.

“We’ve got a really good handle on what is our customer’s data, the sensitivity of that data, the applications that use that data and then the infrastructure that underpins those applications to support them,” Radabaugh said. “As we transition to a multi-source supplier service delivery model, it’s imperative that security is baked into everything that we do as part of our entire ecosystem.”

Indeed, Radabaugh said the state includes cybersecurity stipulations in every request for proposal or information it releases to vendors, and the state will release an RFP specifically for security services later this year as a part of the second wave of solicitations for new service providers.

In addition to security services, the second wave of solicitations will also include requests for proposals on servers, storage and the service integration function that will coordinate how the state uses technology from different vendors.

Another batch of RFPs, to be completed before the expiration of the Northrop Grumman contract in 2019, will include proposals for the state’s network and end user computing services.

Earlier this year, the state inked a deal with Tempus Nova to help the state transition into Gmail and Google Apps for its messaging services. That deal was part of the first group of solicitations for the state to move away from its single IT infrastructure provider.

But for Radabaugh, even as the state continues to move toward its multi-source IT future, a massive priority is still keeping things moving seamlessly for the state’s employees.

“It’s important to remember that we’ve got to continue service stability and current operations,” Radabaugh said. “We have just about three years, or about 709 working days left under the existing contract, so it is imperative that we continue to drive optimization into our services under the existing contract.”