IPMA Home | IPMA News IPMA News : October 2003 Edited By Mary Ellen Bradley and Andy Marcelia

Report from the 2003 IPMA Executive Seminar

-- by Mary Ellen Bradley, IPMA Communications Committee Co-Chair

The Executive Seminar was held September 23-25, 2003 at Lake Chelan. The first speaker was Dr. Paul Sommers, the Senior Research Fellow at the University of Washington?s Daniel J. Evans School of Public Policy. He gave a 2-5 year economic forecast trend. He predicted that Washington will continue to have more unemployment especially in manufacturing and that our recovery will be slower than predicted due to a slowdown in the airline industry. Other trends that he sees are the need for corporate investment to rebound the dot coms, more outsourcing by major companies of IT work and a trend towards more acquisitions by companies. He also told us that many of the structural employment losses in Washington state will be permanent. (See www.newyorkfed.org for economic data and predictions.) He sees the follow structural changes in Washington:

• Manufacturing job loses are probably permanent. There will be significant job loss in companies with large IT departments. Software development and telecommunications will benefit when there is an upturn.
  
  
• Agriculture is looking good.
  
  
• Forest products will have a downturn. Our big export market to Japan is going nowhere.
  
  
• Construction will slow due to higher interest rates.
  
  
• International Trade ? Washington must compete with Southern California and BC both of which have invested in infrastructure to handle bigger ships.
  
  
• Biotech ? modest growth.
  
  
• Espresso ? Starbucks is growing.

The bottom line is that Washington will have a slow recovery with more structural job losses offset by gains in other sectors. (See Dr. Sommers' presentation; Microsoft PowerPoint 0.2 MB.)

John Taylor, Regional Homeland Security Coordinator for Thurston County then spoke on "Homeland Security ? What has changed since 911" (Microsoft PowerPoint 0.8 MB). John explained that the Office of Homeland Security is the largest government agency and that it was created in just 90 days. He explained the challenge of working with states, counties and cities and coordinating with different agencies. He also explained how risk management is used to determine priorities.

The following day, Stuart McKee, Director of the Department of Information Services spoke on "The IT Road Ahead". Stuart told us that technology is not over despite recent claims that it is. That claim was made by Nicholas Carr in his article entitled "IT Doesn't Matter" in the May 2003 edition of the Harvard Business Review. Stuart feels we are starting the phase of infrastructure building. He challenged the audience to think about "What if you were the CIO of the State of Washington?" ? "What if we could make a difference?" ? "What would happen if we could all work together?" ? What if we take down the silos that don?t work?".

Roy Lum, Deputy Director of Management and Oversight of Strategic Technologies, Department of Information Services spoke on "Strategic Planning" (Microsoft PowerPoint 0.8 MB). Washington States Strategic Plan is currently under development. It will ensure collaboration and coordination and focus on performance. Enterprise Strategies are Public Safety, Planning, Integration, Operations, Security, Customer Service, Efficiency and Funding. The next steps are to get inputs from the agencies, validate the strategies and goals, develop the draft plan, have review by ISB, CAB and legislature and then to publish the final plan.

Mike McVicker, Deputy Director of Operations, Department of Information Services told us about "Key Service Strategies" (Microsoft PowerPoint 0.9 MB).

Gene Matt, Director of the Department of Personnel (DOP) and Tom Miller, Assistant Director HRSD from the Department of Personnel spoke on "Civil Service Reform" (Microsoft PowerPoint 1.6 MB). They presented a review of the past year?s progress toward implementation of a modernized state personnel system and a new Human Resource Management System (HRMS). The new system is called Washington Works and replaces a 43 year old civil service system. By July ?04 the new rules will be in place. The legislature has mandated that DOP streamline the classification system. Jobs will be consolidated into broad categories with four levels in most categories. Salary ranges will be built into fewer broader bands. Employees will transition at their current salaries and may continue to receive step increases. Applications will be accepted at any time and candidate screening will be based on position needs not on job class. Each candidate pool will be unranked and any number of candidates can be referred to an agency. Gene explained that the most questions that DOP is receiving are about the rules for competitive contracting. For more information on Civil Service Reform, visit DOP?s web site.

Tom Miller told the attendees that DOP completed contract negotiations with the successful vendor, Accenture/SAP, during the first week of September. Accenture is a leading software integrator, and SAP is a developer of business software. Also part of the vendor team are Microsoft: technical platforms and architecture; Hewlett-Packard: hardware; and Avanade: customized architectures and scalable infrastructures. The software will be fitted to Washington state business environment. You can learn more about the HRMS implementation project by visiting Washington Works site or going to the State's Intranet site at Inside Washington and selecting the Employee Matters link from the row of buttons at the top. Inside Washington is the state's business intranet and is not accessible to the general public.

Mike Almvig, the Information Services Director for Skagit County spoke about local government. Skagit County recently received the award as the fifth county in that nation for digital government. The award is given by the Center For Digital Government (CDG), in partnership with the National Association of Counties and Government Technology magazine. Mike talked about Skagit County?s plans to work together with other counties to leverage their information technology. See Skagit County?s web site for more information.

Finally, Kevin G. Coleman, Executive Advisor for The Technolytics Institute, helped attendees with "Leading Change" (Microsoft PowerPoint 3.2 MB). He stated that the reality is that change is a developmental process, not an event. He talked about the need for assessment of change using the PROMISE approach.

P Process and Procedures
R Roles and Responsibilities
O Organization and Operations
M Management and Measures
I Information and Infrastructure
S Systems and Software
E Employee Relations and Education

There is a finite amount of change that an organization or an individual can absorb in a given period of time. Kevin?s definition of leadership is the capacity to mobilize all the brain power in the organization and focus on the mission.

Return to Top

WACIRC and the Response to Blaster

-- by Darlene Kosoff, Department of Information Services

The past 10 years have witnessed a 50-fold increase in electronic traffic between the Internet and state and local government networks. This traffic must be protected to maintain citizens? trust in government. However, incidents such as virus and denial of service attacks constantly threaten to shut down private and public sector businesses alike. The recent "Blaster" event is a current example. Washington state?s ongoing priority in the network security arena is to protect the state?s assets and keep government business operating around-the-clock.

On Nov. 21, 2001, in a letter to the State of Washington Information Services Board (ISB), Gov. Gary Locke, announced a new anti-terrorism measure enactment to:

• Establish standards for ensuring the security of state technology, including the physical security of computers and telecommunications and anti-virus protection;
  
  
• Establish standards for the connection of computers to the state network and the circumstances under which they will be terminated and restored;
  
  
• Facilitate the sharing of security information, tools, techniques and methods among state agencies;
  
  
• Foster cooperation among state agencies for the effective prevention, detection, handling and recovery from technology-related security incidents, and
  
  
• Establish an Incident Response Center within the Department of Information Services (DIS), and a process for reporting computer security-related emergencies and the communication of alert and advisory information about security threats and incidents.

At Governor Locke?s direction, DIS established the Washington Computer Incident Response Center (WACIRC), a collaborative partnership of authorized state agency security professionals who work together to establish a strong security defense strategy for the entire state government network and to provide continuous business continuity of services while protecting against new cyber threats that aim to infect government systems.

The WACIRC membership consists of authorized state agency security contacts. WACIRC is not intended to replace existing agency or organizational computer security response teams. Its goal is to serve as the focal point for agencies to report and communicate information about computer-related security incidents. WACIRC and associated partners participate in a cooperative sharing of incident-related information, statistics, trends and best practices.

DIS promotes participation in WACIRC, recognizing that the "chain" of state security and business continuity is only as strong as its weakest link. This membership?s goal is to support enterprise-wide security with two-way communication through a central WACIRC incident-reporting portal. Information on security-related incidents or weaknesses that are collected by each individual agency without communicating that information to other members fails to provide any value to state government as a whole. Collaboration around such information is the foundation of a strong defense strategy for the entire state government information infrastructure. WACIRC has changed the incident response model from a model of merely responding ? to a model of two-way collaboration of incident reporting, sharing, responding, containment and recovery. This first-of-a-kind approach has already proven itself multiple times with not only scheduled cyber exercises but also real-time incidents such as SLAMMER. The state is achieving its goals in WACIRC through effective prevention, detection, containment, eradication, recovery, lessons learned from technology-related security incidents and recommendations for effective improvement.

The key is rapid response to security incidents. Once an incident is discovered, every second that passes is critical to the protection of the state systems. Rapid response is key to heading off cyber tragedies in government networks. This can only be done through a collaborative spirit and formal process of state agencies working together.

WACIRC uses the following strategies:

• Invests in infrastructure capacity and resiliency
  
  
• Protects mission-critical business with data network security
  
  
• Invests in continuous availability and Web-readiness for computing systems.

The significance of this approach and implementation cannot be overstated. It is paramount to the prevention, detection, containment, eradication, recovery and lessons-learned strategy within Washington state. Washington state government is stronger by joining together forces to deal with security incidents.

Since April 2002, WACIRC has aggressively pursued and accomplished many of its goals. It established several statewide subcommittees to deliver the following improvements toward securing a strong defense strategy for the state government network (SGN):

• Established an incident response notification listserv to communicate multiple severity levels of security incidents to government agencies when the computer network is accessible. A computer-independent communication mechanism has been established and tested for when the network is rendered inaccessible.
  
  
• Authorized DIS, who provides the security and network infrastructure for the SGN, to act on WACIRC?s behalf in direct response to security-related incidents. WACIRC established a process to allow DIS to apply access controls as required to protect the SGN when reasonable evidence has been reported and confirmed.
  
  
• Drove the adoption of Washington statewide standards on wireless LANS to mitigate rogue wireless access points and rogue users within state agencies.
  
  
• Established a WACIRC Intergovernmental Web site
  
  
• Created a WACIRC Law Enforcement Subcommittee in collaboration with the Washington State Patrol and the Office of the Attorney General, which recently established the Washington State Patrol Cyber Crime Unit as the central portal for reporting and responding to cyber crimes in Washington state. In addition, the subcommittee established guidelines for cyber crime detection, forensic collection and escalation procedures to assist agencies in expediting cyber crime investigation.
  
  
• Created a WACIRC Security Awareness and Training Subcommittee, in collaboration with the Department of Personnel Training Center, to develop a Request for Quote and Qualifications for security awareness and technical training for those categories identified as critical for securing state government assets.
  
  
• Participated in the federal May 2003 TOPOFF2 Cyber Exercise, sponsored by the Department of Justice and Dartmouth College. Through the TOPOFF2 exercise, Washington was able to go beyond state agencies and establish a regional approach to provide a broader, more far-reaching cyber incident notification network to include Washington city and county stakeholders as well.
  
  
• Involved in a statewide business continuity risk assessment to assess critical government business applications within the state of Washington to insure greater business continuity in the event of physical or cyber disasters.

Two additional subcommittees were recently formed working jointly with WACIRC and the Customer Advisory Board (CAB) Architectural Subcommittee to address patch management and remote access. With the recent SLAMMER and BLASTER attacks, patch management and remote access were identified as the two highest priorities for establishing statewide best practices.

Washington is better prepared to react to incidents such as the recent Blaster and other variants and attacks. Washington has been able to leverage the work of the WACIRC community to provide the rapid dissemination of information to government agencies. WACIRC is where it is today because of the dedication by agencies to plan, prepare, exercise and act in times of a cyber incident. Washington state government is better prepared for responding to cyber threats.

Return to Top

News from the Past

5 Years Ago -- October 1998 IPMA Newsletter

10 Years Ago -- October 1993 IPMA Newsletter

15 Years Ago -- October 1988 IPMA Newsletter

20 Years Ago -- October 1983 Association of Data Processing Managers Newsletter

25 Years Ago -- October 1978 Association of Data Processing Managers Newsletter

Return to Top

IPMA, P.O. Box 1943, Olympia, WA 98507-1943