TN Cybersecurity Advisory Council

Tennessee government relies heavily on INFORMATION TECHNOLOGY to conduct business each day. The state’s IT portfolio contains a vast amount of personally identifiable information (PII); therefore, one of the highest priorities of the state is to protect the confidentiality, integrity, and availability of the data received, processed and stored. The maintenance and oversight of the state’s information technology security program is essential to both leveraging and protecting data.

Due to the breadth of Tennessee’s portfolio and the variance of resources and practices between each Branch, the State is faced with the challenge of providing CYBERSECURITY services with an encompassing, whole-of-government approach.

In response to this challenge, the Tennessee Cybersecurity Advisory Council was formed in the Fall of 2019. The Council contains members representing all branches of State of Tennessee government. It is chaired by the Governor’s Chief Operating Officer and the State’s Chief Information Officer; membership includes Governor's Chief of Staff, State Chief Information Security Officer, Director of Tennessee Emergency Management Department, Attorney General, Secretary of State, State Comptroller, Director of TBI, Tennessee Adjutant General, Commissioner of Labor and Workforce Development, Commissioner of Safety & Homeland Security, Director of TN Higher Education Commission, State Treasurer, Commissioner of the Department of Finance & Administration, Commissioner of the Department of Education, Commissioner of the Department of Financial Institutions, and the Commissioner of the Department of Agriculture. The Council has been tasked to expand cybersecurity posture within the state, while also encouraging an inclusive approach.

The Council’s MISSION is to provide a collaborative source of knowledge, expertise and information sharing in the field of cybersecurity supporting the confidentiality, integrity and availability of services and resources.

The collective RESPONSIBILITIES of the Council are to develop recommendations to the Governor regarding the organizational structure, authority, governance, policies, and responsibilities for a coordinated, multidisciplinary, broad-based approach to cybersecurity within the State of Tennessee - a model known as a whole-of-government approach.

The Tennessee Cybersecurity Advisory Council is currently are designing and implementing programs to STRENGTHEN public partnerships in cybersecurity. The developing programs will ultimately increase the amount of cyber services available to county and municipal governments. Increased statewide engagement provides a more accurate threat picture, which subsequently enhances Tennessee’s cyber portfolio.

The Council has identified four primary areas of FOCUS for the next two years:

1.    Preparing for and responding to major cyber disruptions

2.    Establishing coordinated programs that develop highly skilled cybersecurity professionals

3.    Promoting the awareness of state security resources and services across the state

4.    Information sharing and collaboration with Local governments and municipalities

Each focus area has a dedicated working subgroup comprised of multidisciplinary subject matter experts. These experts have determined the goals and priorities for their team and are currently identifying and leveraging the state RESOURCES required to achieve those goals. The council’s first step towards a new “whole-of-government” cybersecurity approach is to improve communications and awareness.

The new centralized TN.gov/cybersecurity page is sponsored by the Tennessee Cybersecurity Advisory Council.