By Guy Page
September 16, 2019
The State of Vermont is once again without a permanent chief of cybersecurity. For the second time in a year, an interim person will serve until the state’s digital information chief hires a permanent replacement.
Nicholas Anderson, hired in December 2018 as chief information security officer (CISO) of the State of Vermont, last month went to work in the Executive Office of the President, located in the West Wing of the White House. Deputy CISO Scott Carbee was the interim CISO during the lengthy job search that led to Anderson’s hiring. He has been reappointed to that position while Anderson’s former boss, Agency of Digital Services Chief Information Officer John Quinn, seeks a replacement.
The CISO and his/her team safeguard all State of Vermont information and IT systems and software. For example, in February 2019 Quinn issued Cybersecurity Directive 19-01 to all Vermont state agencies to report the presence of some Russian and Chinese brand products in state computers. If misused, these products could provide unwanted surveillance of large amounts of protected data. CISO Anderson was the “point” person for that initiative.
Interviewed today at the Vermont State House, Quinn told Headliners that he is reviewing applications and preparing to schedule interviews. Finances pose a challenge to maintaining leadership continuity. The pay for the State of Vermont’s cyberchief is less than many other positions open to the highly skilled, in-demand talent pool. For example, many applicants expect a compensation package of between $150,000 – $200,000, but the position pays between $100,000 – $150,000, Quinn said. Anderson and his young family left the Washington, DC area for Vermont in part due to ‘quality of life’ appeal, but then was compelled to return for family and personal reasons, Quinn said.
Interim CISO Carbee has extensive IT state government and military experience. He writes on his Linked In site: “I have over 20 years of experience in information security and information technology management. My experience has been gained across multiple industries including education, military, and federal and state government. My specialty throughout has been information security whether in support of or as a focus of my primary duties.” His Linked In resume shows he has been Deputy CISO since January 2018, was IT manager for almost three years with Vermont Judiciary, and retired as a sergeant from the VT National Guard after 28 years. He holds a Master’s Degree in Information Security and Assurance from Norwich University.