The Colorado office responsible for overseeing the state’s cybersecurity and digital infrastructure announced sweeping layoffs and a major restructuring effort this week following years of blistering state audits that exposed serious security deficiencies.
The Colorado Office of Information Technology said on Wednesday it is eliminating 173 positions, which is roughly 16% of its workforce. Leaders are calling it a “transformational change” aimed at modernizing the agency and strengthening the state’s cyber defenses.
The office oversees a wide range of digital services used by Coloradans every day, including unemployment benefits, workers’ compensation systems, driver’s licenses and food assistance programs. But in recent years, the agency has come under intense scrutiny after multiple state audits uncovered dozens of vulnerabilities that auditors warned could leave Colorado at risk of a major cybersecurity breach.
The office has been the subject of four audits in recent years. Those reviews identified deficiencies in areas including contingency planning, incident response, and risk management.
“We have to recognize the threat is getting a lot bigger,” said David Edinger, the office’s outgoing CEO and executive director. “We’ve got to get a lot more mature fast.”
Edinger said incremental fixes would no longer be enough to address the agency’s problems.
“Tweaks won’t cut it,” he said, describing the restructuring as necessary to overhaul outdated systems and practices.
Edinger is among the employees leaving the agency during the restructuring.
Sarah Tuneberg, the state’s new chief information officer, said the office must fundamentally rethink how it operates in order to meet modern cybersecurity challenges.
“We’re radically transforming the way we think about things to be the modern technology organization, like Google, like Microsoft, like Spotify,” Tuneberg said.
State lawmakers who have closely monitored the office say the changes are overdue.
State Rep. Brianna Titone, chair of the Joint Technology Committee, said she has raised concerns about the office for years and hopes the restructuring will bring greater accountability.
“I’m glad they’re doing it, and I hope that it does result in a good outcome, but I’m very skeptical,” Titone said.
She added that lawmakers intend to closely monitor the agency moving forward.
“That we’re holding everyone’s feet to the fire and that the next administration doesn’t have the problems moving forward and that we’re ready for the threats that might be coming around for security,” Titone said.
Officials say those threats are evolving rapidly, particularly with the rise of artificial intelligence and advances in quantum computing.
“We do not have even one more day to delay,” Tuneberg said. “We’ve got to change the way we do things, and we made the incredibly difficult decision that today is the day.”
While the office is cutting 173 jobs, it also plans to create 98 new positions requiring different technical skills. State officials estimate the restructuring will save Colorado approximately $4 million this year and $8 million annually in future years.
Some of those savings could be used to upgrade aging technology systems that Edinger said are decades old.
