SALT LAKE CITY -- State lawmakers were briefed on cyber-security in the aftermath of a series of high-profile data breaches of government servers and computers.
"We're currently working on a DTS (Dept. of Technology Services) strategic plan," Mark VanOrden, the chief information officer of the Utah Dept. of Technology Services, told a legislative committee hearing on Wednesday.
The committee got an update on efforts to protect people's personal information after several data thefts in recent years. After a data breach of pieces of personal information involving 780,000 people from a Utah Dept. of Health server last year, the Utah State Legislature began placing more emphasis on data security.
"Some agencies have moved further than others," VanOrden told the committee. "The Department of Health, for obvious reasons, they've established a security group that we work with very closely."
VanOrden told lawmakers the Utah State Tax Commission has also established a security team. Last month, FOX 13 reported that Salt Lake City fire investigators had uncovered a data theft involving the agency's Department of Motor Vehicles. Authorities have accused an employee of mining people's vehicle record information and passing it along to others, knowing it would be used to commit crimes.
On Wednesday, VanOrden sought to secure $1.6 million in funding to continue regular audits of data security on state servers and computers. He told FOX 13 that the outside audit conducted after the hacker attack on the Utah Dept. of Health found "vulnerabilities" in every state agency.
"Obviously, I'm not going to share with you the details of the vulnerabilities," VanOrden said. "Every agency has some vulnerabilities. I wouldn't say that many of them are high vulnerabilities, but there's things that can be improved in each agency."
Funding for continued security audits is something that is supported by Rep. Angela Romero, D-Salt Lake City.
"It's a concern for me, because I want to make sure that our constituents feel safe and they feel like their information is protected," she said.
The funding would be to conduct audits every two years beginning 2015.