Sonja Teamer is information security officer at the California Unemployment Insurance Appeals Board (CUIAB), a position she has held since February 2019. The board protects the rights of California’s employers and unemployed and disabled workers and, as an independent administrative quasi-judicial agency, resolves disputed unemployment, disability, and tax determinations and appeals. Her state career began as a student assistant at the California Public Employees’ Retirement System.
After earning a bachelor’s degree in accountancy, Teamer became an internal auditor and rose through the ranks to became CalPERS’ lead information systems auditor. In October 2012, Teamer pivoted to information security. She is a 2018 graduate of the California Department of Technology’s Information Security Leadership Academy (ISLA) and has been a Certified Information Systems Auditor since 2006.
Industry Insider — California: As a technology leader at your organization, how do you describe your role; and how have the role and responsibilities changed in recent years?
Teamer: As the ISO (information security officer) for the CUIAB, it is incumbent on me to ensure our agency is in compliance with statewide security guidelines, policies and standards. This safeguards our agency, positions it against various forms of security breaches, and sustains the integrity of our data and the personal information that is maintained. My role also requires that I provide proper education to our users on those policies and elevate security awareness as a daily habit and common practice when conducting business on behalf of the CUIAB. In terms of changes to the ISO’s role and responsibilities over time, that has primarily been driven due to the sophistication of attacks received, security breaches that may have occurred along the way, and the increased number of attack vectors our users and infrastructure are bombarded with on a daily basis.
Industry Insider — California: How big a role do you personally play in writing your organization’s strategic plan?
Teamer: As a member of the IT management team, I influence the strategic plan through providing education and guidance to the CUIAB’s executive management team. Additionally, in recognition of the importance of information security, our agency’s strategic plan includes a heightened awareness of security as a critical component to ensuring the public’s information is secured appropriately throughout its life cycle here at the CUIAB. As the CUIAB’s ISO, I also provide input on how IT will be used to satisfy our mission, comply with security mandates, and successfully execute on the strategic plan.
Industry Insider — California: What big initiatives or projects are coming up? What sorts of RFPs should we be watching for in the next six to 12 months?
Teamer: Over the past two years, the CUIAB has been working to modernize the way that we process appeals. In an effort to deliver a robust and high-quality appeal system and services to our appeal parties, the CUIAB has embarked on an exciting journey to modernize our appeal system. The goal of the project is to empower both our employees and appeal parties through improved access, including an online portal, to an appeals system that provides a fast, fair, and user-friendly hearing process and more timely appeal decisions. Our pursuit of a new appeals system stems from a longstanding need for a comprehensive and technologically advanced appeals system. The new appeal system will fundamentally convert our aging, paper-driven appeals process to an electronic case management system. Another crucial element of the new appeal system is secured web portal access for both the CUIAB staff and the public.
Currently, the CUIAB’s Project Team, which is comprised of the IT office, subject matter experts, and other dedicated staff, is working alongside the contracted vendor to finish designing the new appeals system, which continues to make progress towards going live with a paperless, comprehensive, web-based case management system to more efficiently process appeals and address future workload increases. The CUIAB anticipates going live in the summer of 2022, and we are excited about the positive operational changes, increased accessibility, and growth opportunities the system will bring our agency and the public. With that said, we do not anticipate issuing any RFPs within the next six to 12 months for security-related projects.
Industry Insider — California: What term or phrase do you use to refer to what many call “digital transformation?” How far along is your organization in that process and how will you know when it’s finished?
Teamer: We use the term “modernization” instead of “digital transformation.” The CUIAB has mainly been a paper-based organization, and even prior to the pandemic, we had started working towards developing a more “modern” way of providing service to the public and are on track to begin using many new processes through digital technologies. One such example is the recent implementation of a process to securely transmit certain categories of digital documents from the (Employment Development Department) EDD to the CUIAB in lieu of mailing hard copies of the files, which began in December 2021. Since that time, the CUIAB has continued working in partnership with the EDD to further facilitate the process necessary to digitally transmit additional documents from the EDD to the CUIAB. We anticipate this will occur over the coming year. This is just one example of a “modernization” effort the CUIAB is undertaking, through collaborative efforts with other state agencies, as we continue with the modernization of our appeals system. Additionally, due to the COVID-19 pandemic and various executive orders issued by the governor during that time, which suspended statutes requiring access to public hearings, the CUIAB pivoted to offering alternate formats for conducting appeal hearings on a large-scale basis. Specifically, instead of allowing parties and members of the public to be physically present during administrative hearings, the CUIAB began scheduling hearings telephonically to address the operational impact, provide adequate notice to parties, and maintain adherence to health and safety protocols for the safety of the CUIAB’s employees and members of the public. This has allowed the CUIAB to further modernize business practices and offer more efficient services to parties.
Industry Insider — California: What is your estimated IT budget and how many employees do you have? What is the overall budget?
Teamer: Currently, we have 31 IT staff and our IT budget is approximately $8 million. For context, the CUIAB’s total staffing is just over 400 employees and the overall annual budget is approximately $100 million.
Industry Insider — California: How do you prefer to be contacted by vendors, including via social media such as LinkedIn? How might vendors best educate themselves before meeting with you?
Teamer: Email is my preferred method for vendor contact. Prior to reaching out, I would encourage vendors to acquaint themselves fully with the CUIAB by visiting cuiab.ca.gov. This will help ensure adequate research about the agency has been conducted and that any identified issue or proposed solution is properly articulated and aligns with the CUIAB’s business operations, mission, strategic plans, etc.
Industry Insider — California: In your tenure in this position, which project or achievement are you most proud of?
Teamer: It’s all about the people! I am proud to have hired staff who are as passionate and interested about information security as I am. I truly enjoy having a staff dedicated to helping people understand the importance of information security, and having fun while doing it.
Industry Insider — California: If you could change one thing about IT procurement, what would it be?
Teamer: If there was immediate and ongoing funding to fast-track procurement directly linked to mandatory security-related requirements, that would be great. However, there are many administrative processes within the state’s IT procurement process that provide necessary safeguards and oversight so that the development and procurement of IT solutions deliver clear, fast, dependable, and equitable public services based on the missions and goals of the agency.
Industry Insider — California: What do you read to stay abreast of developments in the gov tech/SLED sector?
Teamer: Since what happens to the private sector as it relates to information security also relates to the government sector, I do not limit myself to developments in one or the other. Rather, I try to stay apprised of developments throughout the industry as it relates to information security by utilizing some of the following resources and practices:
- Reading feeds and subscribing to online security information sources, such as the National Institute of Standards and Technology (NIST), Cybersecurity and Infrastructure Security Agency (CISA), (the California Governor’s Office of Emergency Services) CalOES Cyber Security Integration Center, Industry Insider — California,* Vogue, TechTarget and GovTech.*
- Staying apprised of other related news stories by performing research as it relates to the topic.
- Communicating with other professionals within the information security arena.
Teamer: I enjoy reading cookbooks as well as mysteries. Spending time with my family members, coming up with DIY projects that bring smiles to my family and neighbors when they see the final products, and assisting others in general.
*Government Technology magazine is a publication of e.Republic, which also produces Industry Insider — California.
Editor’s note: This interview has been lightly edited for style and brevity.