Jerred Edgar, the 24-year U.S. Army who today serves as Idaho’s Chief Information Security Officer, sat down with GovLoop recently to discuss how agencies can build a resilient cybersecurity framework. It comes down to three core principles, or building blocks, he said: competence, trust and collaboration. Below is his guidance on how to foster trust among stakeholders when developing a resilient approach — that is, Building Block #2.
Definition:
Trust is an environment where people and institutions can rely on each other, said Edgar. That includes competency (each stakeholder is good at what they do), veracity (each stands by their word) and transparency (each is upfront about their goals and objectives and acts accordingly).
Trust is essential in cybersecurity because it involves various stakeholders, both within an agency and across various partner organizations. “We need to build an equitable system that allows us to stay in our lanes but collectively move in the direction we need to move,” Edgar said. “If we don’t establish that trust, we might as well just be fighting these fights individually.”
Key Enablers:
- Shared problem solving. The different stakeholders should determine how they can tackle problems together most effectively, based on their individual roles and strengths, while being careful not to overstep their areas of responsibility, Edgar said.
- Ownership. In many cases, the key issue is follow-through, he said. As the stakeholders work together to solve problems, they need to take their commitments seriously and, if they make a mistake or fail to follow through, they need to own up to it.
- Adaptability. That said, sometimes things go amiss because of outside factors. In those cases, the stakeholders need to work together to find a new path forward. “We don’t always have everything go our way, and so we’re going to collectively adjust to it,” Edgar said.
Case Study: Apprenticeship Program
One way state governments can earn local communities’ trust is by helping them strengthen their cyber competency. That is the goal of the Operation Cyber Idaho apprenticeship program, which provides workers with 2,000 hours of developmental assignment opportunities. “We’re investing in people to show that we’re here to help, not just enforce mandates,” Edgar said.
In many areas of the state, students or recent graduates pursuing cyber careers might have trouble finding opportunities to build their skills and strengthen their resumes. The program matches applicants with organizations that need cyber support, such as a rural telehealth provider or a school district. The program, formally launched in 2024, has placed 33 people so far, supporting 11 counties, two cities and five school districts.
Watch for the next article in this series — regarding Building Block #3 (Collaboration) — and click here to read about Building Block #1 (Competence).
A version of this article is found in GovLoop’s guide titled “Preparing Agencies for Cyber Disruptions.” Click below to download the full resource.
Leave a Reply
You must be logged in to post a comment.