Terrence Woods, Oregon’s State Chief Information Officer, and agency leads briefed the Joint Legislative Committee on Information Management and Technology on the state’s data center operations, enterprise information services (EIS) programs, cybersecurity services and new data-governance work.

James Foster, director of the State Data Center, said the facility — built in 2006 and later expanded — now supports 85 agencies, boards and commissions and provides colocation, managed computing, backup, enterprise storage, network and cloud-brokering services. He described the data center’s raised floor area, temperature and humidity controls, and a 2021 power-and-cooling expansion that enabled new colocation services and improved resiliency.

CIO Woods and Foster told the committee that shared, centralized services remain price-competitive compared with peer states. Foster cited a recent vendor study that found data center operating costs approximately 56% below a peer-group average, which the presenters quantified as roughly $42 million less in operating expenses compared with that peer average. Committee members asked whether agencies are required to use the state data center; Woods said there is no mandate, but agencies often choose colocation first and later transition to managed services because of demonstrated value.

Ben Gresgeir, the state chief information security officer, described the state’s cybersecurity services division (CSS). He said CSS is a unified enterprise capability of about 64 cybersecurity professionals covering governance and policy, enterprise network security, a security operations center (SOC), architecture and assessments. Gresgeir noted recent accomplishments including adoption of NIST guidance (presenters cited NIST SP 800-63 controls), migration to CIS v8 controls for agency assessments, procurement of a cyber threat-intelligence platform to support dark-web monitoring, and near-complete rollout of mobile device management (MDM) covering roughly 29,000 executive-branch mobile devices. He also described a cooperative threat-intelligence agreement that 34 counties have indicated interest in joining.

Jennifer De Jong, shared services director at EIS, reviewed enterprise programs including the Oregon.gov portal (e-government), Microsoft 365 support, telecommunications/telephony management and the Statewide Quality Assurance Program that enforces independent quality management for major IT projects per state administrative rules. De Jong said EIS is planning a replacement for an end-of-life SharePoint platform used on Oregon.gov and will add vendor choices for contact-center services.

Catherine Darnell Helms, the chief data officer, reported that the state has released an enterprise memorandum of understanding (MOU) for data sharing and that three agencies — Oregon Housing, the Oregon Health Authority and the Department of Human Services — are piloting a statewide data‑sharing MOU intended to shorten negotiation times for interagency data use. Helms also described the public Oregon Transparency website, the state’s ortho‑imagery program (airborne imagery hosted in AWS), and planned work to strengthen geospatial parcel data in partnership with county assessors.

Why it matters: lawmakers asked about coordination, mandatory controls and follow-through. Presenters said mandatory items in the state service catalog require completion, and EIS/CSS follow up with assessments, visits and technical assistance to ensure compliance. Committee members sought additional detail on timelines and funding for SharePoint migration, long‑term funding for recurring ortho imagery, and the scale of data center savings.

Ending: Presenters offered to return with project timelines, more precise cost details and, where required, closed‑session briefings on security‑sensitive programs.