Government Technology

    Digital Communities
    Industry Members

  • Click sponsor logos for whitepapers, case studies, and best practices.
  • McAfee

Q and A: New Tulsa, Okla., CIO T.L. Cox Steps in After Security Mix-Up



T.L. Cox, CIO, Tulsa, Okla.

August 9, 2013 By

Last year, Tulsa, Okla., CIO Tom Golliver resigned from the position after a bungled attempt to test the city’s IT security operations.

Last fall, a private security firm was tasked with testing the city's cybersecurity capabilities. During the operation, city IT staff mistakenly thought the website had been hacked, according to local media. The website was intentionally shut down by the city for two weeks to investigate the incident. During that time, 90,000 letters were sent to people unnecessarily, telling them their sensitive data may have been accessed.

The incident resulted in Golliver’s departure. T.L. Cox stepped in as the interim CIO in May, and on Aug. 1, he officially took over the role.

According to Cox, incidents like Tulsa’s offer opportunities for city IT staff to review operations and learn lessons to prevent similar events in the future.
Government Technology spoke with Cox on his future plans for the city in the wake of last year’s IT crisis.

Discuss your prior experience and what you bring to your new role as Tulsa’s CIO.

Before I came to work for the city of Tulsa, I worked for a management consulting firm in Dallas. We were primarily human resources; human capital. But a significant part of my responsibility was actually overseeing what we called our e-solutions division, which was a suite of SaaS (software as a service), which we offered to public entities across the United States.

Tulsa, Okla., CIO T.L. CoxCan you talk about the challenges Tulsa faced before you became CIO, and what you’re hoping to do to rectify some of the problems that occurred?

I would say that the incident you’re referring to was a reflection primarily of the IT department’s lack of collaboration and lack of communication in response to that effort. One of the things we’ve done since that time is established an IT security board that’s responsible for identifying, evaluating and mitigating risk to the city’s information security structure.


Photo: T.L. Cox



We’ve also instituted incident response teams that come together from different parts of IT to evaluate any perceived threats. So specifically related to information security, we’ve just instituted more formalized processes to deal with those situations should they happen again.

Were there any other lessons learned? Anything else that you want to do to change how day-to-day IT operations are carried out?

We want to do a better job of IT governance, so we’ll be exploring an IT governance structure, formalizing and empowering an IT steering committee. Looking at how we can better serve departments through defined service level agreements, so really just overall more formalizing the relationships that we have with departments.

What are your long-term goals for the city, and what do you have on the horizon?

Some of the things I want to do really are driven by departments. And what I mean by that is IT is unique in that we are a service provider for every department throughout the city. And an IT department within a municipality is unique when compared to the private sector counterparts because some of our customers are police officers, firefighters, folks that are employed by public works groups.

That adds a lot of nuances that really makes it difficult – for a lack of a better way of explaining it – to run a municipal IT shop like a private entity because again, of the uniqueness of the challenges. Much of the direction I want to take Tulsa’s IT department is in line with the direction that our customers are going.

The major projects that we’re working on right now are with the customer care center. [We’re] looking into the development and the installation of a customer relationship management or CRM solution. And what that would do is really provide an opportunity for citizens to interact with the city, using the channel that they’re most comfortable with, meaning over the phone; via social media; through the Web.

So the CRM solution is a large initiative we’re working on. Right now we have a capital improvement vote coming up in November. That would provide money to purchase an enterprise resource planning system for the city. So what that would enable us to do is to go out and competitively bid and select a vendor to replace our existing financial system.

Editor’s Note: This Q and A has been edited for length.

 


| More

Comments

Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Digital Cities & Counties Survey: Best Practices Quick Reference Guide
This Best Practices Quick Reference Guide is a compilation of examples from the 2013 Digital Cities and Counties Surveys showcasing the innovative ways local governments are using technological tools to respond to the needs of their communities. It is our hope that by calling attention to just a few examples from cities and counties of all sizes, we will encourage further collaboration and spark additional creativity in local government service delivery.
Wireless Reporting Takes Pain (& Wait) out of Voting
In Michigan and Minnesota counties, wireless voting via the AT&T network has brought speed, efficiency and accuracy to elections - another illustration of how mobility and machine-to-machine (M2M) technology help governments to bring superior services and communication to constituents.
Why Would a City Proclaim Their Data “Open by Default?”
The City of Palo Alto, California, a 2013 Center for Digital Government Digital City Survey winner, has officially proclaimed “open” to be the default setting for all city data. Are they courageous or crazy?
View All