In 2012 Chief Information Security Officer Jonathan Trull, with the help of the Colorado Information Security Advisory Board, created our state’s first cyber security strategic
plan -- Secure Colorado. The plan was a call to action, acknowledging the criticality of state information assets, the
need to protect those assets, and the fact that the state was continually under cyber attack.
The threat has since escalated. While tools have given us better
visibility into security incidents, the attack volume has also
increased significantly, and we are currently defending our state
network against 8.4 million security incidents per day.
In 2015, the Colorado Information Security Advisory Board reconvened to receive an update on progress and reevaluate Secure Colorado. The board overwhelmingly found the direction and
program priorities relevant, appropriate, and sound. With the board’s recommendation, the State of Colorado is adopting Secure Colorado as our ongoing multi‐year strategic roadmap, and broadening it to
encompass fiscal year 2016‐2018 and future needs.