Under the leadership of CISO John Godfrey, the State of Kansas modernized cybersecurity and IT operations across more than 40 agencies by unifying endpoint management and automation with Tanium. Godfrey recognized that the increasing complexity of cyber threats required a fundamental rethinking of workflows—“we can’t do things the same way we did before and need to reimagine those processes moving forward.” With Tanium, Kansas now provisions and reprovisions endpoints consistently statewide, enabling real-time visibility, automated patching and compliance, and rapid Windows 10 to11 upgrades that save significant costs and time while strengthening risk posture.

This whole-of-government approach—backed by legislative support and aligned with Senate Bill 291 and NIST CSF 2.0—has closed critical detection gaps, improved audit responsiveness, and enabled a 24×7 SOC without additional headcount. Kansas’ repeatable framework of “Prove, Deploy and Operationalize” and its use of enterprise risk dashboards to prescriptively prioritize vulnerabilities and critical patches provide a model any large public-sector organization can follow to accelerate risk reduction and operational efficiency.

Key Takeaways / Highlights

• Consistent, Automated, Secure Provisioning – Dramatically faster and more secure endpoint deployment and reprovisioning across 40+ agencies.
• Risk Management – Godfrey’s vision scales security beyond agency silos, leveraging automation to continuously reimagine workflows.
• Faster, Automated Upgrades & Cost Avoidance – Windows 10 to 11 migration completed at a fraction of the time and expense, strengthening the overall environment.
• Real-Time Incident Response & Gap Closure – Tanium’s live data helped prevent potential compromises and close longstanding detection gaps.
• Compliance & Audit Confidence – Enterprise dashboards and unified data accelerate responses to growing legislative and audit demands.
• Repeatable, Continuous and Automated Modernization Model – Kansas’ “Prove, Deploy and Operationalize” methodology offers a blueprint for other governments modernizing cybersecurity while creating a path for future tool consolidation."

Additional details: