Office for Information Technology Executive Leadership
Deputy Secretary for Information Technology and Chief Information Officer
John MacMillan was appointed as deputy secretary for information technology and chief information officer for the commonwealth in March 2015.
John brings nearly three decades of IT industry expertise to the CIO’s office, including 18 years with IBM, most recently assisting the state of Ohio with its data center strategy. He also served for a decade with federal departments in Canada.
During his career, John has developed experience in areas including application development, system integration, data center operations and facility management, as well as knowledge of statewide programs including public health, education, transportation, rehabilitation/corrections, youth services, tax collection and enterprise ERP.
John graduated in Computer Technology / Computing Science from Algonquin College. He has held a Project Management Professional (PMP) certification since 1998, and earned his Stanford Certified Project Manager (SCPM) from the Stanford Center for Professional Development in 2009. John is ITIL Foundations certified. He and his wife have two sons.
Deputy Chief Information Officer
Rosa Lara was named Deputy Chief Information Officer in March 2015.
Rosa has over 15 years of experience in the information technology field, including oversight of very visible and highly complex initiatives. Notably, she earned a Governor’s Award for Excellence in 2009 for her role in leading the implementation of the IT solution the commonwealth leveraged to oversee $6.7 billion in ARRA funding from the Federal Government. She has experience in the areas of business process reengineering, large scale implementation efforts, financial management, procurement and managing for results. In her current role, Rosa has oversight over the IT policy, governance, strategic planning, project management, and the commonwealth’s broadband program. She has held numerous positions within OIT – including the Director for the Bureau of Application Development, which was responsible for close to 300 applications and a Deputy Chief Information Officer for Health and Human Service agencies.
Rosa earned a bachelor’s degree in Public Administration from The College of NJ, a Masters of Public Administration from the Maxwell School of Citizenship and Public Affairs and a Masters of Information Resources Management from Syracuse University. She and her husband, Francisco, have two sons.
Chief Technology Officer
Lanny Black is the Chief for Enterprise Technology Services & Chief Technology Officer (CTO) for the Commonwealth of Pennsylvania.
Lanny has over thirty years of senior management experience in information technology, specifically telecommunications, computer networks, server operations, and the design, implementation and directing of network operations centers (NOC). In addition, Lanny has extensive experience leading large corporate infrastructure and transformation projects, managing both large public and commercial enterprise contracts, and deploying commercial facility security solutions. Lanny previously served as the Bureau Director for Enterprise Services within the Enterprise Technology Services Office (ETSO), a position he held since 2010.
Lanny earned a Bachelor of Science Degree in Mathematical Science from Penn State University, has had extensive leadership management training and is ITIL v3 Foundation certified.
Chief Information Security Officer
Erik Avakian was named Chief Information Security Officer for the commonwealth in June 2010.
Erik joined the commonwealth in 2005 and became deputy CISO in 2007. He has over 15 years experience in securing enterprise-level environments and is an expert in reducing risk and mapping security to the business. He has extensive experience in security governance, risk management, compliance and incident response and remediation. As CISO, Erik is responsible for establishing enterprise security strategy, standards, controls, and security policies and leads the Enterprise Information Security Office, which defends against cyber attacks, reduces the commonwealth’s vulnerability to cyber attacks, and minimize damage and recovery time from attacks if and when they occur.
Erik holds numerous industry certifications including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), GIAC Security Essentials Certification (GSEC) and is ITIL v3 certified. He is an active member of the National Association of State Chief Information Officers (NASCIO) Security & Privacy Committee, the SANS State Advisory Board, the International Information Systems Security Certification Consortium (ISC2), the Information Systems Audit and Control Association (ISACA), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Pennsylvania Criminal Intelligence Center (PaCIC).