The awards weren’t only given to recognize industry leaders, CDG Executive Director Todd Sander said, but to spread awareness about how important cybersecurity has become, particularly in government.
Awards were given in seven categories. Alaska won in the state government category for consolidating cyberefforts into a unified enterprise approach that's projected to save the state $3.8 million over a three-year period. The New York City Metropolitan Transportation Authority won in the city government category for upgrading approximately 15,000 legacy desktops and servers, and maintaining business operations during the upgrade. The Sacramento (Calif.) Regional Fire/EMS Communications Center won in the county government category for improving email security without spending extra funds and improving business continuity during disasters.
“One of the hardest things to do [in cybersecurity] is to help people who aren’t necessarily technology people understand how complicated and broad the threats can be, so the available resources are there,” Sander said. “I think all of these winners have done a good job of realistically identifying the threat and made a case for appropriate investment.”
In the county category award, Sacramento was chosen for excelling in several areas, including its creativity and leadership, Sander said. “One of the things we liked about them is that they took a real comprehensive, team approach to their security implementation,” he said. “They included a lot of participants in their planning and worked with a variety of staff. They included their vendor partners, and they really brought a team-based focus to their approach to cybersecurity.”
The Sacramento Regional Fire/EMS Communications Center oversees eight fire departments and covers 1,000 square miles, which means the center’s IT security is critical to a lot of people, Chief Executive Director Teresa Murray said. When they started IT restructuring ten months ago, she said there was just one permanent IT person on staff and many vacant positions. “This whole organization has undergone a complete change,” she said. “The important piece of this really is that the team came in and came together very quickly, collaboratively and creatively.”
Murray said she’s proud to be part of an agency recognized for making such big improvements without increasing the budget, especially in a field of many larger agencies.
In Alaska, security and risk management technology in 10 disparate areas was consolidated. Technology that was previously managed under seven different vendor contracts was integrated into a single, unified approach. The change is projected to save the state $3.8 million over three years and also make things easier for the state to manage, Sander said.
“One of the things we really liked about Alaska was they took a real comprehensive enterprise approach to cybersecurity,” he said. "They have consolidated their security strategy around a single set of tools and technologies and implemented it broadly across the organization. I think that’s a particularly good strategy for an enterprise like a state government.”
The takeaway for everyone in this award ceremony, Sander said, is that cybersecurity is a fundamental and foundational technology for governments today, calling the awards a chance to identify and share best practices. Many governments underfund cybersecurity, he said, adding that it’s much easier to plan for cybersecurity before an incident occurs rather than wait until a catastrophe strikes.
Additional winners include the University of North Carolina Wilmington in the education category for implementing a certificate program for established system administrators, a program that equipped all university-owned devices with tracking capabilities as well as remote locking and wiping capabilities.
The St. Joseph Health System, which includes 26 locations and 30,000 employees, won in the health-care category for implementing a new security-connected platform and adding on-site security professionals. The upgrade transitioned the health system from reactive to proactive and puts it in compliance with new HIPAA and Omnibus requirements, according to the CDG.
The Virginia Information Technologies Agency won the Cybersecurity Integration Partnership Award for IT infrastructure upgrades that decreased the number of attacks and enhanced situational awareness, benefiting 89 agencies at more than 2,300 different locations in the state.
Monroe County Schools in Forsyth, Ga., won the Cybersafety and Digital Citizenship Program Leadership Award for training students, teachers, staff and parents over the past two years on the issues of cybersecurity and digital citizenship.
For more information on the 2013 Cybersecurity Leadership and Innovation Awards, visit the Center for Digital Government website.
Editor's Note: Janet Grenslitt of the Center for Digital Government contributed to this story.