Weak will serve as the state’s first director of information security, reporting directly to the governor.
The former U.S. Air Force lieutenant colonel brings the experience of a 20-year military career, which included service as the Information Technology and Cybersecurity Officer.
In a June 12 statement, Otter cited Weak’s “proven leadership abilities” saying, “I’m confident he will provide the cutting-edge knowledge and real-world judgment the state of Idaho needs to address the kind of technological threats facing us all — from cyberterrorist attacks to criminals using ‘ransomware’ hacks to extort our businesses and government entities.”
The Cybersecurity Task Force was originally created in 2015 to shore up the state’s cybersecurity risk profile. In addition to the appointment of a cybersecurity figurehead, the governor also directed agencies to immediately adopt the National Institute of Standards and Technology cybersecurity framework, as well as adopting the security controls recommended by the Center for Internet Security within the next year.
Additionally the order directed the Department of Administration to facilitate system penetration testing, and directs the Division of Human Resource to outline and implement training for various personnel classifications.
“I am committed to making Governor Otter’s vision on cybersecurity a reality,” Weak said in the release. “Through education, proactive countermeasures and effective policies, I’ll strive to protect the confidentiality and integrity of Idaho’s information technology assets.”
Weak officially assumes his duties as Idaho's director of information security on Aug. 1.