The Cybersecurity Goal Council was formed September 5, 2017 with the goal of raising the statewide vulnerability management score to 700 by December 2017. The State exceeded this goal with a final average score of 728. 

Following that achievement, the next phase of the group was to standardize processes to ensure sustainment and continuous improvement of the statewide score.  This meant achieving a sustained minimum 725 score for every state agency by December 2018 and with all the agencies' participation and support, the GC5 saw a sustained 725 score for every state agency before the end of 2018.

In February 2019, the Enterprise Security Program Advisory Council (ESPAC) was formed as the next evolution of the GC5 concept.  ESPAC represents the next step of unified cybersecurity strategy for the collective benefit of all State agencies.  Where the initial GC5 was focused on monitoring a single enterprise security service, ESPAC would now begin collaborating on standardizing and monitoring all enterprise security initiatives.  Its overall mission was to help develop an truly statewide cybersecurity strategy and help oversee enterprise cybersecurity operations. 

Today, ESPAC helps guide the necessary components of a unified statewide cybersecurity program by providing recommendations on enterprise cybersecurity services and policies to the State Chief Information Security Officer (CISO).