"Not all agencies even report to the Governor. No single person can mandate security rules... by the charter established in 1859." James- No they don't but, as Brian said, the governor and the legislature can exert a pretty significant amount of influence. Don- I totally agree with your view-point. A new agency with existing personnel would be great. It would be a tough sell to legislators though. Certain elements would jump on it as creating more bureaucracy. However, if we drill it into their heads the liability, cost savings, ROI, and efficiency issues they may be swayed. I also think that there needs to be a lot input from not only those in managerial positions, but those who actually do a lot of the work. "The key element that hasn't been brought up is the role of the information security professional in either the State government or at the individual department position. " Esteban, one of the most difficult aspects is attracting and retaining talented individuals in State Government. This is not to say that there are not any talented individuals in State Government. However, these folks are self selected into service. e.g. they see the benefits of working for the state and the self satisfaction of "working for the people." In many instances, a promising hire is brought into the system, but when the economy improves, many get lured away into higher paying jobs. PERS is a good incentive but that may be disappearing soon. What creative incentives could there be? Rob Magee- Could you expound on "management makes decisions based on as much convenience as they can get away with." I'm curious to know what exactly this means. Neil- how do you encourage innovation? Reward it. There is no such thing as bonuses in State Government. That should be changed. If a person makes a suggestion that saves the State a million dollars, they should be rewarded. The bonus amount is going to be paltry compared to the savings. If a manager increases efficiency, go ahead and cut the budget but give them a little reward for doing it better. It will definitely take messing with the ORS's but I think it could be done. Make an ability to think outside the box a requirement of state service! Putting individuals who value creative thinking in positions of power is a start. Changing state rules to allow for a little more leeway in implementing procedures that may increase innovation/efficiency. However, there has to be a limit to the amount of leeway as that inevitably leads to abuses. Finding the balance is the tricky part. Seth- LOL, I know open source doesn't have anything to do with linux/unix/microsoft. I understand that open source means that the source code is made available. (I wrote an open source license for one our software products- which hopefully will be adopted by many states in their quest for electronic filing in courts- its under evaluation by a consortium of about 5 states right now). Nash- yup. DAS is hiring a CISO (I think I posted it on the list a while back). I forget what the job duties of that position were and whether coordination between agencies was involved.
This archive was generated by hypermail 2b30 : Tue Sep 24 2002 - 13:19:30 PDT