Advertisement

Top 17 State & Local Cybersecurity Leaders to Watch

Timothy Lee Chief Information Security OfficerLos Angeles Whats your current position and how did you get there? I am currently the chief information security officer (CISO) at the City of Los Angeles. I am responsible for overall cybersecurity strategies, policies and initiatives for Americas second largest city. I established and chaired the citys Cyber Intrusion Command Center and founded the cybersecurity public-private partnership organizationLA Cyber Lab. I implemented and direct the citys first Integrated Security Operations Center (ISOC), which won several awards including theCenter for Digital Governments Cybersecurity Leadership and Innovation Award. Prior to this position, I served as the CISO at the Port of Los Angeles, where I established and managed the ports cybersecurity program. I concurrently servedas network and communication manager responsible for ensuring the support and delivery of the Ports voice and data communication networks. I have atotal of 20 years of experience in theinformation security, network […]

Timothy Lee

Timothy Lee

Chief Information Security Officer
Los Angeles

Whats your current position and how did you get there?

I am currently the chief information security officer (CISO) at the City of Los Angeles. I am responsible for overall cybersecurity strategies, policies and initiatives for Americas second largest city. I established and chaired the citys Cyber Intrusion Command Center and founded the cybersecurity public-private partnership organizationLA Cyber Lab. I implemented and direct the citys first Integrated Security Operations Center (ISOC), which won several awards including theCenter for Digital Governments Cybersecurity Leadership and Innovation Award. Prior to this position, I served as the CISO at the Port of Los Angeles, where I established and managed the ports cybersecurity program. I concurrently servedas network and communication manager responsible for ensuring the support and delivery of the Ports voice and data communication networks. I have atotal of 20 years of experience in theinformation security, network and telecommunication field. I have an MBA degree and professional certifications inCISSP and PMP. I am a recipient of the 2016 StateScoop 50 Award and I have spoken at several conferences.

Whats your biggest ongoing project?

As a CISO of an organization with 48,000 full-time employees, I am responsible for overall cybersecurity strategies and initiatives to protect citys critical digital assets supporting 4 million residents. Of the many accomplishments, the Integrated Security Operations Center (ISOC) is most noteworthy. The $1.8 millionfacility consolidates all departmental cybersecurity into one central system, monitored 24/7 and incorporates advanced technologiessuch as a Security Operations/Incident Management System, Posture Dashboard, Alert Indicator, and Threat Analysis Platform. This provides real-time awareness of cyberthreats across all departments. In addition, the Threat Intelligence Portal (TIP) coordinates collaboration and response between city departments, the FBI, and Multi-State Information Sharing and Analysis Center (MS-ISAC). This partnership is critical to immediate threat resolution, provides early warning to state/federal agencies (to protect other municipalities) and rapid response capabilities. ISOC started with managing around 3 million citywide security events per week in 2015. Today around 1 billion security records per day are added to ISOC for correlation and analysis. In 2016, ISOC successfully detected and blocked 40 ransomware attacks and stopped about 49,000 botnets.

Whats the best cybersecurity decision you ever made?

The best cybersecurity decision I ever made is establishing the Cybersecurity Strategy based on the NIST CSF (Identify, Protect, Detect, Response and Recover).


Advertisement

Rob Lloyd

Rob Lloyd

Chief Information Officer
San Jose, California

Whats your current position and how did you get there?

CIO for the City of San Jose. Im sharing the CISO role with one of our senior managers as we stand up our Information Security Office. I was previously CIO and CISO for City of Avondale, Arizona;CIO and utility director for City of Ashland, Oregon, and chief of information technologies for Colorado Parks and Wildlife.

Whats your biggest ongoing project?

In the realm of cybersecurity, its standing up our Information Security Office. Weve phased the work plan into three segments: immediate needs, maturityand excellence. It focuses on outcomes and spans building around a NIST CSF policy and processes; human-centered vigilance; contracting and purchasing standards; a cybersecurity-as-a-service model for maximum signal through the noise without an armada of hard-to-fill positions; vSOC; joint procurement with peer governments for cybersecurity services and contracts; talent development; intelligence sharing; and joint work with the cyber threat alliance we are a part of (ACTRA).

Whats the best cybersecurity decision you ever made?

The decision to be part of and contribute to ACTRA. In this environment, it takes a network to beat a network. The alliance is a group of major local government, federal, private sector, academia, and utility partners contending against the malicious actors across the globe. ACTRA gives us early insights, monitoring, cross-sector information sharing, a talent development channel, and a partnership for joint responseif any of us runs into something dire. Organizations that stand alone will not survive, and allying was an early smart direction some of us made.


John MacMichael

John MacMichael

Chief Information Security Officer
Washington, D.C.

Whats your current position and how did you get there?

In my current position, I am the first Chief Information Security Officer (CISO) for the City of Washington, D.C. Like many cybersecurity practitioners, I took a circuitous route. I was a naval flight officer for almost 10 years; at a key career point I shifted gears and attended the Naval Postgraduate School where I received a foundational education in what was then termed information security and information assurance. I spent the next 15years leading military IT security and communications teams; I spent time in operations, red/blue teams and audit/assessment. After retirement from the Navy, I led data center, infrastructure and security teams in the commercial space before becoming a director of information security for a transportation firm; I also spent time as acybersecurity consultant performing NIST-based program audits. My timing for my current role was equal parts preparation and good timing; the District had a new chief technology officer,Archana Vemulapalli, and she was in the process of restructuring her organization and the method of delivering enterprise services to the over 60-plus agencies across the District. CTO Vemulapalli views cybersecurity as a core IT competency that she sought to strengthen in the enterprise model; my skills and background aligned with her team and vision.

Whats your biggest ongoing project?

Our largest Cybersecurity project is the ongoing, systematic review of our “cybersecurity stack”of capabilities in regard to the known anticipated threat vectors and potential new threat vectors. We use this review to determine whether we are adequately aligning technology to the threat, and whether we have adequately matched capabilities to organizational risk appetite.

Whats the best cybersecurity decision you ever made?

All my smart cybersecurity decisions revolve around the people I have chosen to work for, or the people I have hired to be my teammates. Poor technology decisions can be recovered from by implementing compensating controls. It is much more challenging to recover from poor hiring decisions.

Hiring yourself into the right organization is a key CISO decision. Joe Voje (the CISO of San Francisco) and I felt strongly enough about this topic of “hiring the right organization”that we wrote an article together in CSO online magazine.

Similarly, I view each cybersecurity team member as a key hire. For junior members and the Security Operations Center (SOC) team, we have been successful by looking to hire from within our helpdesk and support staff. We look for people that are “curious about technology”and want to know why things work. For more-senior team members, we look for potential hires to be subject matter experts (SMEs) in their particular area. We empower these SMEs to execute based on a shared vision and best practices.I want my team to know that it is a team sport and we are working together to support the District agencies, employees, and citizens.


Greg McCarthy

Greg McCarthy

Chief Information Security Officer
Boston

Whats your current position and how did you get there?

I am the chief information security officer for the City of Boston. Ive spent my entire career in the public sector, previously working for the State of Rhode Island. I obtained my masters of science degree in information assurance from Northeastern University and began working for the City of Boston over seven years ago as cybersecurity project manager. I worked alongside my predecessor to build the first cybersecurity program for the City of Boston. In July 2015, I was hired as the City of Bostons first CISO.

Whats your biggest ongoing project?

My biggest ongoing project, similar to many cybersecurity professionals, is continuing to raise awareness and educate employees on best practices for online safety while also beingmindful of their departmental missions and resources/related challenges. This remains an ongoing initiative due to employee turnaround, as well as increasingly complex and ever-changing cyberrisks. In addition, we seek to constantly enhance our educational programs to ensure they are current, engaging and effective for a variety of learning styles.

Whats the best cybersecurity decision you ever made?

I am particularly proud of an effort to request (and ultimately receive) federal funding for a regional cybersecurity liaison. This position provides cybersecurity support and information sharing between the City of Boston and eight surrounding municipalities in the Boston metro region. Although my primary objective is to protect the City of Bostons cyber assets, I am mindful of the interconnectivity of the surrounding municipalities. As the largest municipality in the region I feel some level of responsibility to assist our neighboring municipalities whenever possible and work to align our efforts when practical to do so. The regional cybersecurity liaison serves to strengthen the cybersecurity posture of each municipality and the region as a whole.

Advertisement

Latest Podcasts