05-05-2025
Information Technology Department taps new chief information security officer
State officials, in announcing the appointment of James Saunders to be the next chief information security officer for the Maryland Department of Information Technology, said cybersecurity is "more important than ever" in the face of evolving threats. (Photo by)
The Maryland Department of Information Technology (DoIT) named a former U.S. Office of Personnel Management information officer Monday as its next chief information security officer.
The department said James Saunders started in an acting capacity on Monday.
In a statement announcing the appointment, the department said Saunders will lead DoIT's Office of Security Management, which is responsible for securing the state's IT systems, infrastructure and private data. Administration officials called Saunders 'a highly sought-after candidate,' who brings more than '15 years of cybersecurity leadership experience across the federal government and private sector.'
'I'm a big believer in partnership,' Saunders said in the anouncement. 'Whether they are part of my security team or not, I will work hand in hand with those across the State of Maryland to ensure we keep our people and our assets safe, together.'
The department said Saunders served as CISO and deputy chief information officer at OPM, where he helped implement 'zero-trust programs and drove a cultural transformation within the agency's security team to enhance inter-agency collaboration.' He also served as CISO for the U.S. Small Business Administration when it was called on to develop secure systems to distribute nearly $700 billion in funds to businesses during the COVID-19 pandemic.
'As public and private organizations face new threats like agentic AI, strong cybersecurity is more important than ever,' said DoIT Secretary Katie Savage. 'James Saunders is an experienced cybersecurity expert who has helped secure some of our nation's most important systems. We are thrilled he is bringing his expertise and leadership to the State of Maryland.'
Saunders is the latest federal official to shift into high-ranking state job, as the new administration in Washington brings uncertainty about the future of the federal workforce. He follows the appointments of Commerce Secretary Harry Coker Jr., who previously worked as White House cyber security director; Health Secretary Meena Seshamani, the former administrator for the Centers for Medicare and Medicaid Services; and former Environmental Protection Agency Mid-Atlantic Regional Administrator Adam Ortiz, who is now deputy secretary for external relations at the Department of the Environment.
Saunders will serve in an acting capacity until he is formally appointed by the governor and his appointment is approved by the Senate.
Gov. Wes Moore called the appointment 'a big deal,' since it is coming at a time 'when Maryland is choosing to bet big on the cybersecurity industry.' He said in the department's statement that with Saunders, 'we will continue to ensure our people are protected, our state is secure, and Maryland sets the standard for leadership in cyber.'
