Techwire has learned that Peter Liebert is stepping down as California’s chief information security officer (CISO).

Liebert, who has been state government’s cybersecurity chief for almost three years, has left a large footprint in IT security governance. Under his watch, California became the first state in the nation to evaluate departments and agencies for their cybersecurity preparedness and to grade them on their “maturity metrics.”

He’s had dual roles — as CISO and as director of the Office of Information Security — and has been active and engaged in industry events and forums, evangelizing about the need for state government to harden its defenses against bad actors. Liebert was unavailable for comment Tuesday.

The dramatic growth of his Office of Information Security is testament to the weight the state attaches to its cyberdefense. In just two years, Liebert’s OIS went from nine staffers to 60. Many of those were state employees from other departments and agencies who wanted to be part of an initiative that the state’s executive leadership “is all-in on,” as he told Techwire in an interview last fall.

CDT's director, State CIO Amy Tong, issued a statement late Tuesday afternoon about Liebert's departure: "I thank Peter for his service as Chief Information Security Officer who defended California's digital services against malicious activities," Tong said. "We wish him a successful future as he progresses in his career."

Liebert has had a large presence in the larger IT community, frequently speaking at California industry events and panel discussions at the county and state levels. And he also had significant input into CDT's "Vision 2020" strategic plan, which deals extensively with cybersecurity. 

Although the state has come a long way toward cyberdefense maturity, Liebert acknowledged that it has a long way to go — and that it’s a never-ending fight against black hats.

Last fall, at a cybersecurity conference in Sacramento in which he served as a panelist for three separate breakout sessions, Liebert said that if the state’s cybersecurity apparatus were in a football game, “We’d be a couple of downs into the first quarter.”

Liebert is a dapper executive who chooses his words carefully and speaks precisely. His LinkedIn profile shows his service, from the U.S. Navy to the Department of Defense, and from working with foreign governments to being a member of the private sector. Along the way, he’s picked up a fistful of military medals and other honors, and he has an alphabet of initials after his name attesting to numerous qualifications and certifications. 

It’s not yet known what Liebert’s plans are after his service with the state concludes.  

His second-in-command at OIS is Vitaliy Panych, who was the CISO for the Department of Corrections and Rehabilitation before moving to OIS in December. Panych has 15 years of public-sector experience, working for the Employment Development Department, the Franchise Tax Board and the Child Support Automation System.

Liebert's departure comes at a pivotal time for the state: Gov. Gavin Newsom is pushing a series of revolutionary changes in state IT governance; various chief information officers and other top executives are transferring to other departments or joining the private sector; and the Legislature is gearing up for this week’s May budget revision.