Lance Wyatt, who has served as CISO with the Idaho Department of Information Services for the past three years, said he has stepped back from the role, taking the role of information security engineer.
The switch happened "over the past few weeks," said Wyatt, adding that he will likely be aiding the incoming CISO in a deputy capacity. In the meantime, his new role will probably involve "a lot of the same activities" as the old one, he said.
Wyatt took over from former state CISO Thomas Olmstead in January of 2017, subsequently helping to implement a number of changes to the state's cybersecurity framework. Those changes included the adoption of the CIS 20 Security Controls and the NIST Cybersecurity Framework, while also assisting the Secretary of State's office with election security efforts.
Wyatt said that the CISO's office is being re-tooled overall, explaining that the shifts come as part of a broader IT modernization effort launched by Gov. Brad Little.
Little took office in January 2019, promising to modernize the government's IT and make security more consistent across state agencies. In his 2020 State of the State address, Little said he was committed to strengthening "the state’s IT infrastructure to meet the needs of a growing state."
