THANK YOU FOR SUBSCRIBING
Gov CIO Outlook Weekly Brief
Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Gov CIO Outlook
Dr. Joel Woppert, Director of Information Technology, Washington County, WisconsinDr. Joel Woppert has been instrumental in advancing IT initiatives in Washington County, Wisconsin. He has led the development of secure, strategic solutions that strengthen cybersecurity, enhance operational efficiency and ensure compliance, aligning seamlessly with the County’s mission to serve its residents effectively. In an interview with Govt CIO Outlook, Dr. Woppert shares how a resourceful, security-first mindset and a commitment to continuous learning empower government IT teams to stay ahead of evolving threats
A Journey Built On Mentorship And Self-Motivation
The path to my current role in information technology (IT) has been 20 years in the making. I latched onto opportunities to learn from experienced professionals who helped mold my character, refine my IT skills and develop a distinct leadership style. Their guidance, combined with self-motivation, pushed me to keep improving and pursue a master’s and a doctorate in business administration. This provided the foundation to think beyond IT and approach management with a broader perspective
Soaking in all that extra education was just as important. I also prioritize self-teaching, attending conferences, reading leadership books and constantly finding ways to apply what I learn. John C. Maxwell’s leadership books have been a big influence on how I manage my team and collaborate across departments.
Cybersecurity Is A People-First Game
Cybersecurity isn’t just about firewalls and software—it begins with awareness and informed decision-making. Attackers focus on phishing because they know one click on a wrong link can compromise an entire system. Understanding attack vectors and how breaches happen is key, which is why I prioritize investing in our employees and making sure they’re trained to recognize threats.
At Washington County, we conduct training throughout the year. New hires, department heads and staff handling sensitive information receive specialized training. IT staff, who have privileged access to systems, go through even more advanced cybersecurity awareness programs. We take a proactive approach by embracing an attacker’s mindset—thinking like a hacker to anticipate potential threats
“We Work With Each Department To Determine What Makes Sense For Them And Gradually Implement Changes That Align With Their Needs. We Also Focus On Modernizing While Maintaining Efficiency, Carefully Balancing Cloud Adoption With Operational Needs”
Employees are encouraged to flag any suspicious activity, whether it’s a phishing attempt or an unusual email, through dedicated channels. Every submission is then thoroughly investigated to ensure security. We operate with a simple but effective rule, ‘If you see something, say something.’ From there, we take a tiered approach— starting with people, then securing computers with endpoint detection and response (EDR) and extended detection and response (XDR) solutions, next-gen antivirus and personal firewalls and finally focusing on network access, ensuring systems are properly segmented and secured.
Balancing Cybersecurity And Budgets
Budget constraints are always a challenge in government IT. Unlike the private sector, we don’t generate revenue from selling products or services. That means we have to be strategic about our investments, meeting the needs with available resources. We work closely with various departments and stakeholders to develop a cybersecurity strategy that maximizes protection within our budget.
We’re fortunate to have a County Board that supports cybersecurity investments, but we still do our due diligence. If an ideal product is out of reach, we study the available alternatives. Sometimes, instead of one expensive solution, we find two different tools that can be combined to achieve the same outcome. Our approach is always about balancing security with operational efficiency
Keeping Pace With Regulatory Shifts
Compliance in government IT is always evolving. We manage CJIS, HIPAA and ECI regulations, staying ahead by monitoring updates, engaging with industry groups and adjusting our processes as needed
Our information security officer guarantees compliance by reviewing regulatory changes and assessing security needs. We stay connected with IT professionals across Wisconsin through Slack groups and Prophix, collaborating on best practices. When CJIS updates are released, we review and implement changes immediately
For HIPAA, we work closely with our health and human services compliance officer, attend conferences and ensure alignment with evolving requirements
Collaboration extends to law enforcement. Our Sheriff’s department works with the Department of Justice, giving us rapid access to updates like CJIS policy 6.0. Upon release, our security officer evaluates new requirements, compares them to existing policies and executes necessary adjustments.
Stopping Cyber Threats Before
They Escalate Ransomware and phishing attacks are constantly evolving, making awareness the first line of defense. We have built-in tools that allow employees to report suspicious emails directly to IT.
From a protection standpoint, we operate on Office 365 shop, leveraging Microsoft Defender for threat analysis and tracking. The system helps us monitor and respond to potential attacks daily
We also collaborate with IT professionals across government agencies. If a phishing campaign targets elected officials, we share samples with a network of municipalities to compare intelligence and spot larger trends. Having multiple sets of eyes on emerging threats strengthens our response. On the technical side, we rely on next-generation antivirus, EDR and XDR to stop threats from spreading outside of individual computers.
A Smart Approach To Cloud Adoption
My mentality is cloud-first, but that doesn’t mean moving everything for the sake of it. Cloud adoption in government comes with its own challenges, especially in terms of cost. We ran five and ten year business case analysis and found that keeping certain systems onsite was more cost-effective than fully migrating. That said, we are strategically adopting cloud solutions. We use Microsoft 365, moving many file services to SharePoint, which gives departments better control over their data.
A major challenge is managing terabytes of government data. Some applications are tightly integrated with on-premise storage, and moving documents to the cloud can disrupt workflows. We work with each department to determine what makes sense for them and gradually implement changes that align with their needs. We also focus on modernizing while maintaining efficiency, carefully balancing cloud adoption with operational needs.
Key Advice For IT Leadership And Growth
The biggest piece of advice is to never stop learning because IT is always evolving. People often tend to fall into habits that can limit growth, not just as leaders but also as technology professionals. Attending conferences like Cisco Live, Microsoft Ignite or Falcon offers tremendous value. These events provide insights into common challenges faced by professionals in other states and cities, allowing for knowledge-sharing and problem-solving. Building a strong resource list is equally important. I have hundreds of vendor contacts because having access to the right resources at the right time makes a significant difference. Knowing where to find answers is crucial in this field.
Continuous learning and self-improvement are key. As a big advocate of reading, I apply what I learn to become a better leader for Washington County’s IT team and stay productive. Expanding expertise, maintaining strong connections and continuously improving help make the job easier and more effective.
Read Also
