CTO brings National Guard perspective to West Virginia

Given the significant priority that security has attained among chief information officers in all sectors, it is not surprising that several new state CIO appointees have extensive security backgrounds. Recent interviews with New Jersey’s Chris Rein and this week with West Virginia’s Joshua Spence have confirmed this.

Both gentlemen were chief information security officers in their respective states before becoming state chief technology officers. They perform the duties of a CIO, just with a different title. Prior to state government Spence spent a decade in the West Virginia Air National Guard where he continues to serve as a Cyber Operations officer for the 130th Communication Flight. That initial period in the Guard saw him become more and more involved in security.

“I got an opportunity to do security and I just absolutely fell in love with what it was and how it worked and the challenges with it,” he said.

West Virginia state Chief Technology Officer Joshua Spence

Spence attributed his appointment by Gov. Jim Justice to his administration’s recognition of the importance technology plays in both government operations and government services that are part of, and woven into everything government does.

“We rely on it to do so much. And when you see the cyber threat that’s been ever increasing, we have to change the way we operate,” he said.

This recognition included the need to amplify the state’s security posture in the right direction.

Tech officers need 2 magic ingredients

Spence heads up the West Virginia Office of Technology, affectionately known by it the unpronounceable acronym WVOT, which serves the 200 odd departments, boards and commissions under the executive branch of state government. WVOT is organized under the Department of Administration, one of the governor’s eight cabinet departments.

Spence has a staff of about 225 members distributed across West Virginia providing desktop support services to state agencies. He also has a central office within the capital of Charleston, where WVOT provides the enterprise data center, network and other services.

While mentioning the enterprise, Spence was quick to point out that he’s taking on what he calls the Data Center 2.0. This initiative will upgrade the state’s infrastructure and how it manages data centers to make them hybrid data centers, ready for more workloads that will inevitably go to cloud resources.

As we so often have pointed out, regardless of the CIO or CTO title a statewide IT leader needs two basic ingredients to establish an environment for potential success. One is operational authority over the state’s primary infrastructure, the consolidated data center and networking arrangement. The second most crucial component is executive sponsorship. In West Virginia that sponsorship comes from Spence’s cabinet secretary boss, Allan McVey.

“It’s definitely great to have a cabinet secretary that understands the importance of managing state organizations to provide service based support. He definitely understands that, and is very supportive of what we’re doing in the Office of Technology,” Spence said.

It’s also important to have a champion that can readily translate the technology side of things to the government operations business mindset.

“And that’s another great piece of the puzzle when you’re involving the governor’s cabinet. You’ve got to be able to make [sure] there’s that translation of language so that the issues are understood in  business terms, and not losing that audience on a technology talk,” he said.

Cyber risk management now law

Looking at other developments, Spence pointed out last year’s cyber risk initiative was jump started with a new law, the Secure West Virginia Act.

“We’ve established in law not only the existence of the cyber security office, which is a component of the West Virginia Office of Technology, but we established in law the chief information security officer position,” he said. This law requires the CISO to conduct cyber risk management activities. “This is an absolutely essential foundational component of our cyber security program moving forward,” he said.

With the governor’s State of the State speech past, and his 2021 budget for the upcoming fiscal year that begins in July, Spence recounted several new initiatives.

“From a technology perspective, we are pushing forward with both the cyber risk in the Data Center 2.0 initiative, and we’re also pushing forward on initiatives to modernize security components that we’ve already identified, that present critical risk,” he said.

On Guard experience and state accomplishments

With over two decades in the National Guard, Spence reflected on how that experience informs his role and perspective as state CTO.

“One of the ways that I feel like it has helped is the military is very good from an operations perspective, how do we structure responding to a crisis? How do we structure responding to an issue that has a time constraint on it,” he said.

He also explained that the military is very good given what its mission is, and training for those types of processes. That’s something that he believes that he brings to the state.

“I think the military has a really good program, recognizing the need to develop the workforce, and they make an investment in every soldier, airman, sailor, or Marine,” Spence said.

The military recognizes that the better they develop their people throughout their career, the better they’re going to provide services in furthering their mission and their job.

“I think that’s something that the state absolutely was able to look at and say, you know, we need to do more of that. We need to invest in workforce training. By doing so, it not only helps bring additional capability to us but it also helps support retention,” he said.

Spence concluded by reflecting on his 15 or so months as CTO with thoughts about his WVOT team. He said he had challenged the senior staff and the senior staff had in turn challenged their staff to question their standard operating procedures.

“We can always do better and that that’s our goal because our success will be the success of all those agencies we support. And the whole organization has responded well,” he said. “I’m just amazed how fast the year went, we made great progress at the same time and that’s what we want to see, and we hope to be able to continue that this year.”



THURSDAYS at 11:00 A.M.

Host John Thomas Flynn is former California and Massachusetts chief information officer and former president of the National Association of State CIOs. The show features conversations with state and local CIOs, CISOs, program leadership and elected officials, and the IT vendor community. Subscribe on Apple Podcasts or Podcast One.

Sign up for breaking news alerts