South Carolina's inspector general recommends centralizing the cyber security functions of state agencies to help prevent another loss of personal data.
Inspector General Patrick Maley says in a report released Tuesday that South Carolina's current decentralized model leaving the responsibility of data security to each agency must be eliminated.
He notes the Division of State Information Technology can only suggest policies and lacks any authority to mandate statewide standards. The division offers free security monitoring services to state agencies and local governments.
Maley recommends creating a new statewide chief security officer independent of the division and hiring a consultant to help consolidate functions.
The inspector general was asked to review cyber security after millions of Social Security numbers and other taxpayer data were stolen from the Revenue Department.