For Media/Press Inquiries:
Erin Choy
External Affairs Manager
Agency for State Technology
(850) 412-6041


Florida names Corrections security leader as state CISO

The state’s new chief information security officr says his work managing IT security at Florida's Department of Corrections primed him for a larger organization in state government.

By Colin Wood
December 14, 2017 10:18 PM

After a six-month search for a new chief information security officer, the State of Florida has hired from the inside, officials from the Agency for State Technology confirmed to StateScoop Thursday.

Thomas Vaughn, who most recently served as the CISO for the state’s Department of Corrections (DOC) and has spent more than 25 years working in IT security, has been Florida’s new statewide CISO since Dec. 1. Charged now with leading IT security operations across state government, Vaughn replaces former state CISO Danielle Alvarez as the current iteration of the state technology agency’s second-ever CISO.

(Keep reading)


Military Veteran Takes Top Florida Information Security Job

Thomas Vaughn, who has served in the U.S. Army and Coast Guard, is the Florida Agency for State Technology's (AST) new chief information security officer.

by Skip Descant / December 14, 2017

Florida has turned to a military veteran to serve as its new chief information security officer.

Thomas Vaughn, who has served in the U.S. Army and Coast Guard, is the Florida Agency for State Technology's (AST) new chief information security officer, taking the place of Danielle Alvarez, who left the agency for a job in the private sector in June.

“I’m very excited by the challenges the job presents. And I’m really interested in being able to have a larger impact on information security,” said Vaughn. “It sounds a bit idealistic, but I really see this job as contributing not only to the safety and security of the citizens of the state of Florida, but also ultimately, to the defense of the nation. Because in the cyber-realm, we’re all kind of on the same battlefield. So, I’m looking forward to having some impact there.”

(Keep reading)


Florida Governor's Proposed Budget Would Formalize Cybersecurity Training

Gov. Rick Scott's budget proposal for the 2018-2019 fiscal year would solidify nearly a quarter-million dollars in cybersecurity training for agency leaders.

by Theo Douglas / November 14, 2017

Gov. Rick Scott is recommending the state commit to funding cybersecurity training for agency leaders in his 2018-2019 state budget, which would make an annual spend of nearly a quarter-million dollars in ongoing education.

The recommendation is a high point in the state’s information technology (IT) budget for Florida’s Agency for State Technology, which the Legislature established in 2014 to set IT policy, manage related resources and oversee crucial tech projects.

This year, at AST’s request, the governor proposes making recurring an annual expense of $220,000 to provide IT security training to the security managers across 35 state agencies.

Previously, AST received the funding on a year-to-year basis, but as agency spokesperson Erin Choy pointed out, it has a “statutory responsibility” to train state agency information security personnel.

“Having a trained workforce is very important, and his recommended budget continues the training and the level of awareness that agency IT personnel should have,” she said.

“Protecting Floridians’ data and personal information is critical, and this investment will support AST as they work every day to find innovative ways to keep this information secure and make Florida a leader in information technology,” Scott said in a statement.

Eric Larson, state CIO and AST executive director, praised the governor’s commitment to cybersecurity.

“This training gives them a real-life scenario and the opportunity to prevent an attack from occurring,” Larson said in a statement.

(Keep reading)


Florida Looks Forward to Hiring its First Geographic Information Officer

Q&A: Chief Information Officer Eric Larson says the state's incoming GIS leader will have a coalition of the willing ready to follow.

By Colin Wood - August 29, 2017 8:00 AM

There are only a handful of states without a strong centralized office for geographic information services, and soon Florida will no longer be one of them.

After a recent legislative contest that could have ended the existence of the technology office itself, the Agency for State Technology not only continues on, but does so with dollars to fund new geographic information officer (GIO) and chief data officer (CDO) roles. The positions are intended to bring new rigor to an attempt first volleyed before AST was founded in 2012. There hasn't been a centralized GIS effort in the state since then, but a GIS workgroup under AST went a long way to convincing the legislature that it was finally time to formalize the role of spatial data in the state.

Eric Larson, Florida's chief information officer and executive director of AST, told StateScoop the state is prioritizing replacement of its chief information security officer — Danielle Alvarez left the state for the private sector in June — before hiring its first CDO and GIO within the next couple months, but that the hires represent new opportunities for the state.

Whether the new roles will be enough to bring stability to Florida's state technology office isn't yet clear — but Larson said he's hopeful.

(Keep Reading)


Florida Tests Cybersecurity Defenses with Hurricane Scenario

Attendance is up at an annual cybersecurity training exercise held by the Florida Agency for State Technology and the Florida National Guard.

by Theo Douglas / August 21, 2017

The annual state-sponsored cybersecurity training for agency staffers by the Florida Agency for State Technology (AST) — which survived another defunding attempt this spring — has doubled in attendance in three years. The state has adopted a cybersecurity framework designed to National Institute of Standards and Technology (NIST) specs.

In the latest training exercises, held from Aug. 14 through Aug. 17, AST in collaboration with the Florida National Guard (FNG) educated more than 40 staffers from 12 state agencies, up from around 20 trainees in 2015, the first year the exercise was held. Goals included testing incident response and internal communication procedures; and identifying best practices, and existing gaps and redundancies. Other participants included the Florida Fusion Center, a state-federal collaboration aimed at sharing resources to improve detection, identification and prevention of criminal and terrorist activity.

(Keep Reading)

capitol news service logo.jpg

State Agencies Get Crash Course in Cyber Defense

Capitol News Service - August 16th, 2017 by Jake Stofan

The Agency for State Technology and the Florida National Guard are teaming up this week to put the cyber security of state agencies to the test. IT staff from multiple state agencies are undergoing training exercises using real life scenarios of cyber threats. While one team tries to break into a system, the other side tries to defend against it.

“To take systems with vulnerabilities and to have one side of the group exploiting them and the other side trying to mitigate it, eliminate the vulnerabilities and of course get the bad actors out of their system. So it is modeled after real world scenarios and we’re happy to be able to give them practice without it being real,” said Eric Larson, Executive Director of the Agency for State Technology.

The training continues through Wednesday.

wfsu logo.jpg

Florida's Top Cyber Cop Says Threats Are Constant

WFSU By Jim Ash Aug 15, 2017

Eric Larson, Florida’s top cyber cop, says even hyper vigilance can’t completely protect the state’s critical data networks from a daily barrage of illegal probes.

But the executive director of the Agency for State Technology says frequent security drills, like one sponsored Tuesday by Florida National Guard, keep experts familiar with the latest threats.  

“There’s a constant cat-and-mouse game, so it’s not possible to ever get to a perfect state of security. As much as it is pro-active for these types of exercises to practice, it’s also reactive in terms of being able to identify and address issues.”

Larson said hackers are constantly threatening state computer networks that control everything from water supplies to payrolls and health systems. 

TheFloridaChannel logo.jpg

TFC News Brief

August 15, 2017

The Florida Agency for State Technology partnered with the National Guard to train agencies in a cyber security exercise.

Click here to watch video (at 8:44 mark)

TheFloridaChannel logo.jpg

Capitol Update Extended – Cybersecurity

June 1, 2017

State information technology officials work overtime to prevent a global cyberattack from infecting state and university networks.

Click here to watch video

StateScoop names top state IT, cybersecurity leaders with annual StateScoop 50 Awards

*** AST Chief Information Security Officer Danielle Alvarez was named State Cybersecurity Leader.***

April 24, 2017

The 2017 winners of the StateScoop 50 Awards, which highlight the best and brightest in the state IT community, were announced Sunday at a reception in Crystal City, Virginia, to help kick off the National Association of State Chief Information Officers' midyear conference.

For the fourth year, the StateScoop 50 awards honored state government information technology executives, leaders, industry influencers, up-and-comers and innovative projects. And for the first time, the awards honored cybersecurity leaders across state government.

The recipients of this year's awards were selected by members of the state and local government IT community in a nationwide voting process. More than 100,000 votes were cast on StateScoop, narrowing down more than 150 nominations across six categories to select 50 winners.

(Keep Reading)

Transparency Requires Government Data to Be Available and Accessible

IT has the opportunity to provide greater value in government.

by Jason Allison

Jason Allison is Florida CIO and executive director of the Florida Agency for State Technology.

Making government data available offers much value, to both citizens and an active democracy.

The digital age and the internet have ushered in many changes to our global culture, particularly when it comes to expectations for information access. Technology is readily available to aid in the ease and efficiency of data analysis, analytics and distribution, which citizens now expect.

Government transparency means financial and public information is readily understandable and readily found. It means taxpayers can see how public funds are used and hold their elected officials accountable.

(Keep Reading)


Florida shifts focus from IT strategic planning to project assurance

As the state adjusts its operational posture, the ultimate goal remains of making things as good as possible inside government and out.

By Colin Wood
December 20, 2016 5:21 PM

Florida is focused on making sure its projects are on track, Chief Planning Officer Tara Kyvik told StateScoop at the National Association of State Chief Information Officers annual conference in September.

Last year it was IT strategic planning, but this year it's project assurance, she explained.

"It's kind of my life mantra is to always to do better," she said. "There's always opportunities to do that. We want to bring a little more of a lean approach into our project management standards, also bring in flavors of agile methodologies. So while right now our standards are compatible with agile methodologies, you won't see any of the agile vernacular in there. So we want to start moving the state more in that direction."

Innovation in Florida takes the form of streamlining processes, she said, a task that can take many forms.

"I never want to be seen as just a bureaucrat," Kyvik said. "I want to be seen as somebody who is always working to make things better, surrounded by a team of folks I think who share that commitment to make things as good for the agencies and for the state citizenry as possible. It can take a variety of shapes and forms. It can be as simple as tweaking a dial here and there to make things more efficient, or if it's to reinvent a process altogether."