BUYER BE AWARE! Meredith Ward, Director of Policy & Research, NASCIO.

Show Notes

Today we're talking cybersecurity with Meredith Ward, Director of Policy & Research at the National Association of State Chief Information Officers (NASCIO). We examine NASCIO and NASPO's new joint publication, “Buyer Be Aware…Integrating Cybersecurity into the Acquisition Process," which addresses steps state governments should take to ensure cybersecurity is an integral part of the acquisition process. Meredith, Amanda, and I briefly examine NASCIO and NASPOs relationship, the relationship of the CIO and CPO, and why cybersecurity is important to the state procurement office.

Click here to view a transcript of this episode.

Follow & subscribe to stay up-to-date on NASPO!
naspo.org | Pulse Blog | LinkedIn | Youtube | Facebook

Transcript

Kevin Minor: 0:05

Greetings and welcome to the NASPO Pulse, where we are monitoring issues in state procurement. We've got our finger on the pulse. I'm your host, kevin Miner, and we have a very special episode today. Well, every episode is special, but you already knew that Today we're talking with the National Association of State Chief Information Officers, naseo, about cybersecurity.

Kevin Minor: 0:30

More specifically, we're talking about our new joint publication Buyer Be Aware Integrating Cybersecurity into the Acquisition Process. It addresses steps that state governments should take to ensure cybersecurity is an integral part of the acquisition process. And who better to talk about this with than my good friend and the Director of Policy and Research at Nassio, meredith Ward? Meredith Amanda and I briefly examined Nassio and NASPO's relationship, the relationship of the CIO and CPO and, of course, our latest publication that can be found at thenaspoorg. This episode of the Pulse Podcast is brought to you by NASPO's 2021 Virtual Reach Conference. Naspo's Reach Virtual Conference is a regional education and connections hub, ideal for staff members located in the State Central Procurement Office. Each state is encouraged to send a full complement of staff members and to take advantage of the professional development opportunities targeting the educational needs of state procurement professionals. Registration is now open at 2021reachnaspoeventsorg. Slash registration. Let's take that pulse, meredith. Thank you so much for joining us today.

Meredith Ward: 1:49

How are you Doing great y'all? Thanks for having me.

Kevin Minor: 1:51

Absolutely. We're so happy that you took some time. Meredith, you are the director of policy and research at NACIO. What are some of your responsibilities in that role?

Meredith Ward: 2:03

Well, Kevin, thanks for asking. That's a role that I think I've been in now for two years, but you know, the last 14 months time is kind of irrelevant, right With the pandemic. So I think it's been about two years, but two or three give or take give or take. It could be 50. I'm not really sure, but so a lot of initiatives that I had up at Nassio. One of the biggest ones are Nassio Deloitte Cyber Study, which we do every other year. If you want to check that out, it's on our website.

Kevin Minor: 2:34

It's a great publication.

Meredith Ward: 2:35

Thank you. I work on our CIO survey every single year. I know we're going to be talking about a lot of the projects that I've done with NASPO. I know we're going to be talking about a lot of the projects that I've done with.

Amanda Valdivieso: 2:45

NASPO.

Meredith Ward: 2:45

Procurement's one of my issues that I work on Workforce, you name it it's me, so give us some of your experience in state cybersecurity issues. So you know, Kevin it's interesting you know this about me, but Amanda you might not is that I used to live in Washington DC I'm from Kentucky but then moved up there after I graduated college.

Kevin Minor: 3:13

And I was an advocate, or hush hush a lobbyist, but I was a good one.

Meredith Ward: 3:15

I promise my last lobbyist position in DC. I worked with the International Association of Chiefs of Police and a big component of that was the state police and that's really where I got introduced to cybersecurity and cybersecurity as it relates to state governments, local governments, federal government, all that. And then, you know, at NASEO, I've been here now eight years I think, and I've really been fortunate that I have been able to work with our state chief information security officers, and I've really been fortunate that I have been able to work with our state chief information security officers, and I know that the NASPO folks know the CISOs in their state. So it's been really kind of great also to see the evolution of how cybersecurity has been taken a lot more seriously in state government. So I've enjoyed that.

Kevin Minor: 4:03

Yeah, I actually did know about your DC venture and that's why I wanted to. You're stint in DC, so I wanted to prompt you to tell that story.

Amanda Valdivieso: 4:12

That's really interesting to have that experience behind you.

Kevin Minor: 4:14

And Meredith and I used to. We worked in the same building. I don't know if we ever worked together on anything. I was a young, young Glenn.

Meredith Ward: 4:23

You were.

Kevin Minor: 4:23

I started over there with you, but she taught me many things. She is a, she is my self-proclaimed, she has proclaimed herself my mentor.

Amanda Valdivieso: 4:32

Yes, absolutely yeah, you were her Padawan.

Kevin Minor: 4:36

Yeah, absolutely yeah.

Meredith Ward: 4:40

I influenced the young Kevin, so yeah, oh boy.

Amanda Valdivieso: 4:51

Let's talk about Nacio and NASBO, because we have worked closely together on many projects in the past. So can you briefly talk about some of the collaboration that we've done in the past and the relationship between our organizations?

Meredith Ward: 4:58

Well, you know, this has been one of my greatest I don't know if accomplishments is the right word, but one of the most rewarding things. I'll say that that I've worked on in my tenure at Nasio, because, you know, I got to Nasio in 2013. And you know, quite frankly, it procurement was an issue that everyone complained about CIOs, private sector and even, you know, some of the procurement folks were like we don't exactly speak the same language with the CIOs, right? So, you know, honestly, I was just kind of sick of hearing it and so I thought, well, we got to do something different. And you know, to NASPO's credit, you guys have been amazing partners to us and when we said, okay, we want to, you know, do this you all really signed on board, you know, very quickly. And so, in the summer of 2016, we brought CIOs and chief procurement officers together at a meeting in Charlotte, north Carolina, and we found a lot of CIOs and CPOs, even from the same state, had never met each other.

Kevin Minor: 5:59

Wow, yeah, we just thought wow it is.

Meredith Ward: 6:04

And you know, if you kind of fast forward through the last five years, we've, you know, released several publications together. We've done intensive workshops on things like negotiations and things like that and I think you know I can see from, you know I told you all that I work on the CIO survey every year.

Meredith Ward: 6:22

And just the level of satisfaction with the procurement process has really increased and the dissatisfaction has gone down. So I mean, of course it can't all be attributed to the work that we've done, but I do think it's a big part. And I think, you know, one of the biggest lessons learned obviously is is make sure you have a relationship. You know uh learned obviously is is make sure you have a relationship. You know CIOs have a relationship with CPOs and vice versa. Um, and I think that it uh that once you really build that relationship, that's a good foundation for a lot of uh, good things to come. So it's been, like I said, very rewarding to uh to work on this.

Kevin Minor: 7:00

Yeah, I actually still have a signed copy of that round table from you and Megan.

Meredith Ward: 7:06

Wow, that's right. Our blood, sweat and tears can be found in that copy too.

Kevin Minor: 7:12

Worth big money one day, yeah, so what is you say? Bringing chief procurement officials and chief information officers together for the first time? It really, relatively, has not been that long. Why is that relationship so important?

Meredith Ward: 7:27

Well, it's important because, you know, technology really touches just about every aspect of our lives these days, and that's certainly true in state government. I think that's something I know, that's something that we've seen really heightened over the last 14 months in the pandemic. Absolutely, you know, technology really kind of kept states running. It kept all of us running Right. Yeah, so you know, because technology moves so fast, because it's now a component of a department of transportation contract where technology would not have been 15 years ago or any sort of project in state government, when you're bringing in artificial intelligence, you're bringing in data analytics, so it's imperative that the CIO and CPO's office work closely together.

Meredith Ward: 8:10

I also know, you know we love our CIOs, but you know we also love our acronyms and a lot of terms. You know one of the things that we a lot of the feedback that when Megan and I were working on a lot of projects together that we would get is that you know the CPO offices. Everyone doesn't always understand all the technology terms and I can totally relate to that. You know there's a huge learning curve in a lot of that stuff when I came to Nasio. So that's why we kind of said if you build relationships. You have regular meetings and you know CPOs are educating CIO offices on procurement. Cio offices are educating CPO offices on the importance of technology, cybersecurity, things like that.

Kevin Minor: 8:54

Right. Well, and, like you said, between our two organizations, through that relationship we've been able to create several projects right, Joint projects along NASPO, NASIO and other organizations, and our latest joint venture is Buyer Be Aware.

Amanda Valdivieso: 9:13

Yep.

Kevin Minor: 9:14

Integrating cybersecurity into the acquisition process. Like I said, this is our latest publication that addresses steps state government should take to ensure cybersecurity is an integral part of the acquisition process. It also builds upon previous acquisition reformation and transformation work and publications from the partnership between NACIO and NASPO that started in 2016. So what prompted this work and what is it really building off of?

Meredith Ward: 9:44

So I mentioned a little bit about you know, yeah, the work that we started in 2016 and when we got CIOs, cpos together, and then the negotiations publication that Megan and I worked on. So from there, what we really have done is kind of built this in layers. So we kind of thought, ok, the foundation is helping CIOs and CPOs build a relationship, and so we really worked on that for a couple of years. Then we brought in the private sector because they're obviously a huge component of the acquisition process and you'll notice that we started saying the acquisition process that's the, you know, soup to nuts and I really credit Debbie Dennis of Oregon for coming up with that. She was in one of our workshops and because, you know, the procurement process is just one part of the acquisition process. From you know, there is an idea or a need to implementation, project management, oversight, all of that, you know, and the procurement process is kind of, you know, in the middle of that. So, you know, from then, bringing in the private sector, we also brought in chief administrators, which I believe that most CPOs are in department administration and in states, and about under half of CIOs are as well, so it was really important to get their perspective as well. And so, you know, kind of the next iteration, we thought, well, you know.

Meredith Ward: 11:03

And so you know kind of the next iteration, we thought, well, you know, cybersecurity is just so important and has become, you know, more kind of weaved into the fabric of state government.

Meredith Ward: 11:29

And so we I know that you know cybersecurity and I'll say that one of the most alarming things, or a couple of the alarming things that we found, we kind of we surveyed our CISOs, chief Information Security Officers, again, surveyed our CISOs, chief Information Security Officers again, and I know y'all spoke with your CPOs as well and what we really found is that, you know, cisos are not at the table when a lot of these conversations are happening. And this is, I got the impression a lot of this was conversations in agencies, when agencies kind of start that acquisition process and so then at the end, cybersecurity just kind of becomes a check the box or something that isn't planned for or budgeted for. So you know, that's kind of a thing that I would bring to everybody's attention. And then also, you know, we know that states don't have a good view into the cybersecurity practices of their private sector partners, of their vendors. So that's another thing where I see that some evolution really needs to happen in states.

Kevin Minor: 12:30

In the project they talk about cybersecurity as a team sport and so bringing together teams these CIOs, CPOs, chief administration, chief administrative officers is part of it, but can you talk just a little bit more about how they worked together?

Meredith Ward: 12:46

So first I'll kind of address the first thing you said. When we say cybersecurity is a team sport, I've heard a lot of people say before in state government, well, I don't have anything to do with cybersecurity. Or I have quite honestly heard from some of your members in years past that, well, I don't have anything to do with technology, so I don't need to worry about cybersecurity. And, like I said, that's a lot of folks in state government who have had that kind of that view. And so you know, with cybersecurity being the nature that it is, everyone is responsible for something.

Kevin Minor: 13:17

Right.

Meredith Ward: 13:17

It might just be making sure you take your cybersecurity awareness training, making sure you you know not to click on a link. I mean something as simple as that.

Amanda Valdivieso: 13:25

No phishing emails, exactly. Don't fall victim to those.

Meredith Ward: 13:30

Yeah, every time I spot a phishing email from our IT director, I'll email him and I'll be like you're not going to get me, sir. Um, so you know that's a, that's the cyber nerd in me. But you know, in talking about how, you know the part that um chief administrators and and others played, um, you know there's some really great chief administrators out there who really understand these issues. Um, in fact, in two States, the chief administrator or head of the administration department is also the CIO. Um, so these issues just really kind of go of go hand in hand. And you know, if your readers haven't checked out some of their research, they have a really good policy person over there too, in Jamie, who does a lot of their work.

Amanda Valdivieso: 14:11

So now, when we're talking about it being a team sport, it can't be. It has to be addressed. I know in the report it mentions, you know some of your CISOs had complained or commented that even though they are who they are, they're not brought in until the end of the acquisition process and then they're considered holding up the process when, after the products are even chosen, they have red flags. So for you, what does an integrated acquisition process look like for the CISOs and the CPOs?

Meredith Ward: 14:44

acquisition process look like for the CISOs and the CPOs. So I'll tell you that a lot of that too depends on, as you all know. You know, states are kind of the way that they're set up. They can be a federated model where kind of each agency is responsible for their IT. In some states, agencies can also be responsible for their own procurement. There's also, you know, organizational models where states are completely consolidated, or centralized, we call it, and that that becomes.

Meredith Ward: 15:12

You know, we've kind of proven that states are more secure if they're more centralized, and so it becomes easier to integrate all of these things in that sort of environment.

Meredith Ward: 15:20

But there are states who are never going to be centralized and you know, we always say you've seen one state, if you've seen one state, you've seen one state. But you know, I think that there's been a lack of awareness for many years, kind of how you know, we were talking earlier about the importance of cybersecurity and again, I think because traditionally, the last, however, many hundreds of years, if states were procuring maybe a product, there's really not an IT component 50 or 100 years ago, and so this is new in terms of years of government, and the same thing is true in federal government and local government as well. So you know, really, you know, one of the things that we've kind of harped on the last several years with CIOs and CPOs is everybody kind of coming to the table and really, if a CISO is involved at the very beginning, there's a lot of things. A CISO can say okay, you should check for this, this and this. You need to make sure that there's, you know, funding in this plan for these different cybersecurity aspects and things like that.

Amanda Valdivieso: 16:27

All right. So I know it's in the report, but, meredith, can you go ahead and kind of talk through some of the recommendations that and you know the findings for the report as far as what you would recommend for an improved cybersecurity and acquisition integration.

Meredith Ward: 16:42

Well, a couple of them, you know we really have we've talked about. But I want to reiterate because they're important, yeah, but again, having everybody have a seat at the table, that needs to be at the table and that is, like I said, something that Nasio and NASPO have really called for a lot. I did mention this. But making sure that cybersecurity is budgeted for at the beginning of the acquisition process I think that is I know that a lot of times that's a hangup is that at the end of the process, if a CISO has to kind of check a box and a CISO says what about these three things? And it hasn't been budgeted for, and clearly that's going to create some issues, no-transcript. Two, that are integrated with the plans and the architecture of the state's technology and cybersecurity. That's a really watered down definition, but that's kind of, you know, I like to say EA, enterprise architecture is everything.

Meredith Ward: 18:12

And then you know, beyond that there's some you know information in the publication and we've said this before about how a third-party provider can really be a good partner. That is one thing the past year or so that I've heard during the pandemic that a lot of if there was already a partnership in place in states that the private sector has been great in really helping states scale up. Think about the call centers and the chat box that really had to be put in place, yeah, within a matter of days. So you know that has been. I think that's been a really good experience for the most part in a lot of states. But you know, as far as the private sector, they really have to be open and transparent with the state about their cybersecurity practices. Again, going back to do you have a culture of cybersecurity where you say that cybersecurity is a team sport and kind of go and kind of go from there. So those are really the big, the big things that I'd like to highlight.

Kevin Minor: 19:12

Excellent In the report. One of the quotes that's on the top that I really like and is intriguing to me is look for partners and not just vendors or suppliers. If you are in the private sector, be a partner instead of simply a vendor or a supplier. What exactly does that mean partner?

Meredith Ward: 19:30

instead of simply a vendor or a supplier. What exactly does that mean? So that's actually something that we uh, that we wrote in. I think it was 2018 when we did the publication where we brought in.

Meredith Ward: 19:40

You know the private sector, um, and I think it's almost like one of those things that you know it when you see it, um, and I think that, uh, there have been. And you guys, I'm sure you talk to your state partners, your state members, every single day and you know it's kind of the difference between working with the state on, you know, a contract or whatever, as opposed to always, you know, going around the state CIO or the state CPO office to the governor or to someone else and trying to lobby for something. Those are some of the horror stories that we've heard and I think, and again, being, like I said a second ago, being transparent in your cybersecurity practices, just knowing you know all the risks that a state carries at the end of the day you know we talk about this a little bit in the publication at the end of the day, you know we talk about this a little bit in the publication At the end of the day, a state can never fully transfer risk. They just can't do it.

Meredith Ward: 20:34

It doesn't matter if you have unlimited liability, it doesn't matter what you put in the contract, At the end of the day the state is going to be responsible for at least something. So you know there's been a back and forth a lot between states and between the private sector, between who is going to assume all of that risk, and quite honestly, it has to be balanced. So I think I just went off on a tangent there again, Kevin.

Amanda Valdivieso: 21:02

But that is that you're fine.

Meredith Ward: 21:05

That's a good point for everyone to kind of to kind of realize that risk is also a team sport, I guess, and risk has to be passed around.

Kevin Minor: 21:13

Yeah, 100%, absolutely. You went off on a tangent, but you tied it back beautifully.

Meredith Ward: 21:17

Yes, if I have a point, I promise I do have a point, I'll come back to it.

Kevin Minor: 21:23

Your eyes just rolled back in your head just a little bit. It's true, I blacked out just a tad, but that's okay, just for a second Just a little bit, it's true.

Meredith Ward: 21:28

I blacked out just to say All right.

Amanda Valdivieso: 21:30

So, Meredith, let's switch gears quickly and talk about, you know, the last year when we had the pandemic.

Meredith Ward: 21:48

What were some of the implications for the states with the future of cybersecurity and what like.

Amanda Valdivieso: 21:51

What were some of the changes that had to happen as a result of?

Kevin Minor: 21:52

the pandemic.

Meredith Ward: 21:53

So a lot Right, and mostly you know it was. Things were already kind of in place, but the scale and the magnitude in which states had to respond, that has been the biggest thing. And from you know working from home, you know making sure that it's like if everyone is in the office, right from a cybersecurity perspective, you kind of know what your like threat attack surface is. But when you go out to everyone now working from home, you're looking at home networks. Do you use a VPN? You know what do you use to make sure that that's all secure? And another thing that sounds completely silly but it's 100% true is that not every state deployed laptops to their employees. So then it becomes, you know, does an employee take home a state property? Because in a lot of states that's, you know, prohibited. Do you know employees use their own equipment also in a lot of states, uh, almost every state prohibits like using your phone to um, to um, you know, get state to get on the state network.

Meredith Ward: 23:00

So there was a lot of things um, about you know, with that there was also from, uh, the procurement process. You know a lot of emergency executive orders were put in place by the governors and which enabled states to really stand up a lot of these things that we were talking about. So you know as far as kind of what might continue. I can tell you 100 percent that states will not go back to everybody working in the office. I mean every single CIO that I've talked to you know in fact I talked to one earlier today that you know they're going, they're reducing their space before the pandemic to now. What they're going to have is only 25% of what they had and they're going to have a hoteling, you know type of atmosphere and I think that that's probably going to be true across a lot of you know a lot of sectors and so you know this securing work from home is going to become the norm, I think, and different collaboration platforms.

Meredith Ward: 24:02

I mean, think about all the things at the beginning of the pandemic we heard about Zoom bombing and other unfortunate incidents. You know we really had to make sure that everything is secure. So I think you know work from home is here to stay. I hope that some of the things that were put into place during the emergency orders and procurement processes, I hope some of that can stay Because, from what I've heard, a lot of things have worked really well Because, from what I've heard, a lot of things have worked really well. But I just kind of I'm really kind of looking forward to the future and seeing how this all does play out, because I just think that our lives are never going to go back to completely how it was pre pandemic.

Amanda Valdivieso: 24:44

I have to agree with you there, meredith. I know we've done a number of surveys on our own membership on what their future work working space looks like, and it's either hybrid or fully remote. So right, and you know the other for the CIOs it will.

Meredith Ward: 24:59

And I'll just say one thing I should have said earlier. Sorry is that you know, a lot of states only have workers that live within the state, and so what this does is kind of open up where there are talent gaps and talent shortages because, you know, bless them. Some of the state capitals are not in cities where you know a lot of people want to live and I can say that about some states that are close to me.

Kevin Minor: 25:24

True.

Meredith Ward: 25:24

So, and if you think, about, you know, cybersecurity talent in particular. You know states are competing with the federal government for their workforce. They're competing definitely with the private sector who can pay more. So you know, I really hope that states kind of open up some of their rules. And there's a handful of states where it's actually a law that employees can't live outside of the state. Wow, so for some of these specialized, yeah, it is.

Kevin Minor: 25:51

I didn't know that.

Meredith Ward: 25:53

So for some of the specialized, you know areas and I think cybersecurity, it's one where you know, really nationally we have negative employment. There's not enough people to fill all the jobs.

Kevin Minor: 26:04

So I certainly don't think Negative employment. Negative employment and when it's one of the biggest growing sectors right so there's more ones in this Right, right.

Meredith Ward: 26:14

So for all of the high school kids listening, and I know that's a big percentage of your school mostly high school yeah. Their business teachers, making them watch Right Right, get a degree in cybersecurity, y'all. It's an excellent growing field. So many things you can do. You will always have a job and that is the old person in me giving advice to the younger generation much like I did with kevin years ago.

Kevin Minor: 26:42

Yeah, there you go and now look at me. I'm I'm producing the podcast that you have come so far. Yes, yeah, and Meredith. Where can our listeners go to find this report?

Meredith Ward: 26:55

So it is on. I think it's on NASPA's website as well. I'm not sure, but on a NASCO's website, when you just go to the resource center, there's this giant button at the top. You can't miss it. That's where all of our publications are, um, and if you're interested in any publications that we've talked about here from 2016 to today, the ones that we've done together you can actually filter by the topic procurement on Nacio's website and read everything, and you know, happy to talk to anybody if they have questions or comments or anything like that and we'll make sure we put all those resources in the description for this podcast so people can go ask questions.

Kevin Minor: 27:30

And, meredith, before we let you go, oh, I'm stealing this one from you Sorry. Meredith, before we let you go, what is some advice you would give to our listeners?

Amanda Valdivieso: 27:41

Not just the professional advice.

Meredith Ward: 27:43

Not just the high school. Well, that's the biggest part of your demographic, so keep that in mind. But no, this can be personal advice, or just anything that you know or learn. Want to shout out? Well, that's the biggest part of your demographic, so keep that in mind.

Kevin Minor: 27:51

But no, this can be personal advice or just anything that you know or learn.

Meredith Ward: 27:56

Want to shout out. So I will say that the thing that I've learned over the last year. You know, people used to talk about work life balance all the time and I kind of thought that was kind of BS because our lives are our lives, but it has been forced upon us. With working from home, there is no delineation and I didn't love it at first. I'm going to be honest, as everybody can tell, I'm a ridiculous extrovert, but I really like it now and it has actually helped me kind of create more boundaries between making sure you take time off.

Meredith Ward: 28:29

And you know, sometimes I tell my people like I just want to sit and stare at the wall and be able to think about things for a little bit. So you know, I saw this meme last week that basically was comparing, you know, the culture in Europe to taking a vacation, which is people take off a whole month of August and it's totally acceptable. And then you know people in the United States. It's like I'm getting kidney surgery. I will be out for two hours, you can reach me by my cell phone anytime of day.

Amanda Valdivieso: 28:55

And it's like, oh, man, you know most of us are not curing cancer.

Meredith Ward: 29:00

You know we're really not. So uh take, take some time off, uh go travel and see a world, and there you go. That's my advice.

Kevin Minor: 29:08

That's great yeah.

Amanda Valdivieso: 29:11

All right. So thank you, meredith, so much for joining us today. We really appreciate all of your words of wisdom and everything that you have to offer us, and we look forward to having you back on the pod soon, right, kevin?

Kevin Minor: 29:20

Absolutely Friend of the pod, friend of the pod forever.

Meredith Ward: 29:22

Right, Thank you all. Amanda, please make sure Kevin behaves okay.

Amanda Valdivieso: 29:26

I will. I always keep my advice to you, thank you.

Kevin Minor: 29:29

No way Won't happen. I ain't never going to behave, meredith. You should know that better than most. What an interesting lady. Wonderful conversation, talking about cybersecurity as a team sport Very interesting notion, perhaps more relevant now more than ever. Have you ever had that thought? Nah, I don't know. I don't have anything to do with cybersecurity or technology in general. Well, that is not true, especially in this post-COVID world we live in, where the tech piece is so prevalent. What do you think? Have you ever had these thoughts? What are your experiences with this topic lately? Maybe you're worried about your state's cybersecurity infrastructure. We would love to hear about it from you. Email us with your questions and comments at podcast at NASPOorg, if you haven't already, make sure you subscribe to us on Apple Podcasts, spotify, google or wherever you get them. Sweet listeners, and make sure to check out the NASPO blog, pulsenaspoorg and catch up on some procurement articles written by your very own NASPO staff. I'm Kevin Miner. Until next time.