1. A better henhouse — Independence for the information security function, for example, not to be aligned with or reporting to either the executive or legislative branches. This is important for “fox and henhouse” reasons.
2. Watchdogs for local officials — Greater regulatory oversight of the local government sector and an acknowledgement that the criticality of the services must be commensurate with the degree of oversight applied. It’s local government that manages traffic, trades power between grids, makes clean water and operates 911 call centers and — in most cases (especially in smaller cities and counties) — this is being deployed with little oversight, and complete trust in vendors.
3. Virtual resources — A completely thin-client user desktop base, preferably using virtualized pools of resources. This would negate the ability for users to turn their desktops into remotely controlled bots.
4. Better technology — A certificate management infrastructure, which facilitates encryption, key management, digital signatures, authentication, authorization, 802.1x, internal SSL, etc. This would allow a great number of initiatives to leverage a single point of administration, in a manner that keeps us compliant with state requirements.
5. Easier work with other departments — I’d very much like our monitoring infrastructures to integrate with our service desks, so that when an event is observed with a high degree of confidence, a ticket is auto-generated to triage the event and escalate as necessary.