Approaching the start of a fourth decade at the Idaho Transportation Department, Forrest Anderson has held an array of positions, but none so challenging and rewarding as his new assignment.
In March 2005 he assumed a special assignment to look at the cyber security of the department’s information systems and to create an enterprise security program, based on an analysis of what the department is doing well.
Today, Anderson focuses on cyber security services – protecting the department’s information assets, including data, complex systems and processes. He was named the department’s first Information Technology Security Coordinator.
As far as he knows, Anderson is the first state employee assigned full-time, exclusive responsibility for developing and maintaining an agency's a cyber security program. ITD created the position in response to a statewide directive from the Department of Administration’s ITRMC (Information Technology Resource Management Council) and as part of the Corporate IT reorganization.
ITD and the state of Idaho adopted a framework that was initially developed by the International Standards Organization that prescribed a code of best practices for information security management.
“Security is something I’ve been interested in for many years and have been involved in for some time,” Anderson says. It began as an added responsibility to his work in the Information Services (now Corporate Information Technology) section.
It has been a long journey from his first job as a Right-of-Way tracer who put engineering drawings into a permanent format. Beginning in 1976, Anderson has worked in District 3 design, served in the Army, returned to become a draftsman in the Bridge Section, worked in Traffic and in 1982 became part of Information Services after completing an agency-sponsored training program.
He has worked with computer aided drafting systems, UNIX computer systems, Windows servers and high-performance personal computers, and managed the help desk for computer support.
Security has been a common element throughout his professional migration.
In his present capacity, Anderson is responsible for:
The mission of ITD’s Cyber Security Office is to
provide protection for the department’s information resources
and assets by establishing and promoting an Enterprise Cyber Security
Program based on a standard security framework and best practices.