Close

New Research from CDW on Workplace Friction

Learn how IT leaders are working to build a frictionless enterprise.

Click Here to Read the Report
Apr 15 2026
Security

Connecticut’s CISO Pushes a Unified, Outcome-Driven Cyber Strategy

The state’s security chief urges states to unify security platforms and apply meaningful automation to speed operations.
by

Jessica Balen is a freelance writer for the CDW family of magazines.

Connecticut CISO Gene Meltser cut through the tooling hype: The state’s biggest enemy is fragmentation — too many products, too little scale and not enough measurable risk reduction. His fix is a unified, identity-centric security stack backed by “meaningful automation” that speeds investigations and focuses executive conversations on outcomes rather than products.

Meltser set the mission context plainly in remarks at the most recent Google Public Sector Summit: A statewide enterprise that spans agencies, municipalities and partners needs platforms that scale and a security operations center (SOC) that can act decisively. The goal is to deploy abilities on “a capable platform that also has scale,” and to let artificial intelligence assist the center with actions that matter in real time, he said.

Click the banner below for insights into justifying cybersecurity investments.

x_security_q325_animated_click_desktop_01 x_security_q325_animated_click_mobile_01

 

Connecticut Limits Security Tool Sprawl

For Meltser, the first pivot is cultural. Stop centering the discussion on tools, he told conferencegoers, and start centering it on risk and results.

“One of the ways to build momentum with your team is to measure the actual risk and redundancies, not only in systems but in people as well,” he said.

For government IT leaders, this means invest where it reduces risk you can quantify and sustain.

Meltser framed the technology pivot as enabling people to do higher-value work at scale. New platforms and “new ways of working” should amplify the state’s existing teams, not drown them in dashboards. That means consolidating where possible, standardizing telemetry and automating repetitive triage so scarce analysts can focus on playbooks and threat engineering.

State IT Agency Seeks Meaningful Automation

Asked for practical examples, Meltser emphasized gains in incident response speed. Connecticut’s security operations have seen investigations shrink “from days to hours or less,” he said — a shift he attributes to carefully targeted automation that accelerates the work without creating new maintenance burdens. That improvement is critical as the state “scales our operations and supports all agencies.”

The qualifier — “meaningful automation” — is deliberate. Meltser cautioned against chasing novelty that doesn’t reduce risk. The point is not to sprinkle AI everywhere; it’s to plug automation into specific choke points such as alert deduplication, initial context-gathering and routing so analysts get to a correct decision faster and with less fatigue.

READ MORE: Cloud and artificial intelligence are government productivity drivers.

IT Operations Benefit from Unification and Scaling

As CISO, Meltser plays a central role in setting Connecticut’s overall cybersecurity direction, especially for the executive branch. State strategy documents describe a model where Connecticut aims to run cybersecurity as a unified enterprise program, with the CISO responsible for designing and implementing a statewide cybersecurity program and building an enterprise approach that can scale across agencies.

In practice, Connecticut is pursuing platforms that collapse overlapping tools and normalize data flows across agencies and municipal partners.

Meltser described introducing “platforms and tools from our office to scale with maximum efficiency” and to reduce lingering risks that slow teams down. The target is fewer seams, clearer accountability and faster time to action.

His enthusiasm for AI is pragmatic: Defenders finally have a chance to leverage scale the way attackers do. He’s excited by “performing actions and acting on events meaningfully with a central SOC,” provided those actions are measurable and repeatable.

For a state that must protect everything from citizen records to critical infrastructure, “platform and scale” beats one-off scripts and boutique tools.

DIVE DEEPER: Governments should test platforms, not projects.

CISO Advises on Best Practices for Simplifying Security

Meltser’s insights reflect some best practices that empower states to simplify the stack, scale the team and prove risk reduction with numbers. Among his recommendations:

  • Make “risk, not tools” the mantra. Recast leadership briefings around exposure, coverage, mean-time metrics and recovery. It’s the fastest way to align funding and measure progress.
  • Collapse overlap and normalize telemetry. Inventory duplicative capabilities, then standardize data into a platform the SOC actually uses. The return is less noise, fewer false positives and faster handoffs.
  • Automate where it matters. Start with triage and enrichment to cut “days to hours.” Track the delta and feed wins back to budget and HR conversations.
  • Design for statewide scale. Choose platforms that extend across agencies and municipal partners, write shared playbooks and set auditable service levels.
  • Build human redundancy. Plan rotations, cross-training and surge capacity so your best people aren’t single points of failure.

By unifying platforms and applying targeted, “meaningful” automation, Connecticut reports investigations that once took days are now completed in hours — leaving the SOC to spend its time on work only humans can do.

Svitlana Hulko/Getty Images

More On

Related Articles