Hawaii Continues to Bolster Its Cybersecurity Capabilities
Cybersecurity looms large in the news these days, and recently, news media have reported that personal information and Social Security numbers tied to as many as 4.8 million people using a multi-state job board system were compromised between February 20 and March 14 this year. Luckily, Hawaii was not one of the states affected.
Hawaii state government has moved to thwart attacks on state systems and protect citizens’ and government information from intruders. Last year, the Office of Enterprise Technology Services (ETS), requested and received funding for three new cybersecurity positions to provide security for all three branches of state government. In December, ETS filled the first of these positions, hiring the State of Hawaii’s first chief information security officer (CISO), Vincent Hoang.
Mr. Hoang is putting in place cybersecurity standards for executive branch departments and ensuring that state government system operations are following best practices in cybersecurity. He most recently served as the enterprise architect for Hawaiian Telcom, where he secured infrastructure for customers and conducted network architecture, performance, security risk, and systems infrastructure assessments.
Among other responsibilities, the remaining two cybersecurity support positions will be dedicated to identifying security issues in the state government network. The focus thus far has been on perimeter security. The next phase involves the installation of endpoint protection platforms, which provide anti-malware scanning along with many other security features.
Cybersecurity beyond the state system
But what about cybersecurity threats to other institutions and Hawaii residents outside of state government? Currently, a bill is moving through the legislature to address this concern, House Bill 598, which would enable the University of Hawaii to develop a Hawaii cyber ecosystem and related aspects of cybersecurity.
If the measure is enacted, UH would lead a collaborative effort between private sector companies, nonprofit organizations, government, and individuals to strengthen protections against cyber threats to critical energy, telecommunications, and water infrastructure systems, as well as financial, tourism, military, and other important public and private industries.