Governor Bruce Rauner and the Department of Innovation & Technology (DoIT) announced a comprehensive state cybersecurity strategy as an important step toward the governor’s vision for a cyber secure Illinois.

The plan outlines five strategic goals with specific action plans to protect state operations and the personal information of Illinois residents. The goals include protecting state of Illinois information and systems, reducing cyber risk, best-in-class cybersecurity capabilities, enterprise approach to cybersecurity and a cyber secure Illinois.



“States are constantly targeted and security threats pose daily risks to our ability to serve taxpayers and protect critical and confidential information,” said Governor Rauner. “When I came into office our computer systems were inefficient and broken. We are trying to change that and ensure a secure Illinois. Cybersecurity is not simply an IT issue, it is a public safety issue and we will do all we can to protect our state.”



The newly released cybersecurity strategy provides a roadmap for building a more cyber secure Illinois. As a precursor to establishing the goals and action plans, DoIT completed comprehensive risk and cybersecurity capability assessments and an analysis of the current and emerging cyber-threat landscape. These assessments provided key insight and a clear understanding of the risks posed to confidential information, Illinois’ critical infrastructure and the state’s ability to provide life, health and safety services to Illinois citizens.



“DoIT is pleased to issue an unprecedented enterprise cybersecurity strategy for Illinois,” said Hardik Bhatt, Chief Digital Officer of the State of Illinois and Secretary Designate for the Department of Innovation and Technology (DoIT). “As we continue to empower Illinois through technology, it is vital that we keep cybersecurity at the center of all we do. DoIT’s expansion into mobility for improved citizen engagement, unleashing the value of data analytics for more efficient services to our residents and efforts toward becoming the first “Smart State” in the nation are key initiatives to modernize technology in Illinois. It is crucial that these capabilities be explored and delivered securely.”



Illinois’ cybersecurity strategy was specifically designed to rapidly address any current gaps in operations, while simultaneously accelerating progress toward the establishment of best-in-class cybersecurity capabilities. The final plan was developed in partnership with stakeholders across state government, as well as other private and public sector contributors. The National Governors Association (NGA) provided significant support as part of its Policy Academy for State Cybersecurity, which facilitated collaboration across states. Illinois was one of only five states awarded an NGA Policy Academy for State Cybersecurity.



“When it comes to cybersecurity, states must be resilient,” said Scott Pattison, executive director and CEO of the National Governors Association (NGA). “Governor Rauner’s cybersecurity team, led by Kirk Lonbom, has done great work crafting a realistic and comprehensive strategy. NGA looks forward to further working with the team in Illinois to help secure citizens’ private data and protect against future cyber attacks.”



The National Association of State Chief Information Officers (NASCIO), which is a cooperative organization of states actively engaged in exploring ways to enhance state technology and cybersecurity efforts, was also a key partner in the development of the State of Illinois Cybersecurity Strategy. NASCIO has identified security and risk management as the number one priority for state chief information officers, and is providing access to national best-practices, cybersecurity research and facilitating collaboration across state Chief Information Security Officers and federal agencies.



“Cybersecurity and reducing risks in state government remains a top priority for State CIOs,” said Doug Robinson, Executive Director of NASCIO. “To address these risks, NASCIO continues to advocate that states craft a robust cybersecurity strategy, development a strong governance structure and organize for success. We’ve worked directly with technology officials in the State of Illinois to support their efforts and applaud them for taking the right steps to serve and protect their citizens.”





“The statewide cybersecurity strategy has been strengthened through guidance and support from state agency leaders and security professionals, the state’s public safety leadership and open collaboration with key public and private sector partners,” said Kirk Lonbom, DoIT’s Chief Information Security Officer. “Our progress in cybersecurity is being accelerated through our many alliances and the strong executive support of Governor Rauner, his cabinet and other key state leadership.”



The goals, objectives and action plans have been specifically developed and vetted to rapidly address any current gaps in cybersecurity operations, while continuing to accelerate Illinois’ progress toward the establishment of best-in-class cybersecurity capabilities.