In this episode of our Panel Discussion, our speakers Dan Lohrmann (Field CISO, Presidio), Danielle Cox (CISO, West Virginia), and Michael Gregg (CISO, North Dakota) discussed What's Hot For State CISOs In 2023.
A Candid Conversation with Cybersecurity Leaders
The realm of Chief Information Security Officers (CISOs) is continually evolving, and 2023 brings a fresh wave of challenges and opportunities. In this candid conversation, Dan Lohrmann, Danielle Cox, and Michael Gregg share their insights into what's trending and top of mind for CISOs in state government across the United States.
Meet the Experts
Dan Lohrmann - Field CISO, Presidio
With a background spanning from the National Security Agency to Michigan Government, Dan brings extensive experience to the table. His journey has been marked by various roles in both state and federal government, providing a unique perspective on the challenges and successes of CISOs.
Danielle Cox - CISO, West Virginia
Danielle's remarkable journey from a legal background to cybersecurity leadership showcases her adaptability and commitment to the field. As the CISO of West Virginia, she oversees the cybersecurity efforts for the state, bridging the gap between the public and private sectors.
Michael Gregg - CISO, North Dakota
Michael's pivot from the private sector to state government was driven by a desire to enhance the efficiency of state operations. He's responsible for safeguarding a broad spectrum of government entities in North Dakota, emphasizing collaboration and knowledge sharing across states.
The Expanding Horizons of State CISOs
2023 promises new horizons for state CISOs, and the panel delves into some key themes and challenges.
1. Building Robust Security Operations Centers (SOCs)
Michael Gregg discusses the remarkable growth of North Dakota's SOC, which extends its protective umbrella over not only state agencies but also counties, schools, and more. This shift towards inclusivity ensures a baseline of security across a multitude of entities.
Key Takeaway: Collaboration and information sharing across states have become imperative in the face of evolving cyber threats.
2. The Unknown Threat Landscape
Danielle Cox highlights the challenge of dealing with the "unknown." Legacy systems and mindsets are deeply ingrained in state governments, making it difficult to identify vulnerabilities and risks. Achieving visibility into the entirety of the threat landscape is a priority.
Key Takeaway: CISOs must constantly adapt to rapidly changing environments and take down silos to improve information sharing.
3. Vulnerability Remediation and Proactive Defense
Michael Gregg emphasizes the need for comprehensive vulnerability remediation. Legacy equipment and budget constraints make this a formidable task for state CISOs. A proactive approach, focusing on prevention rather than response, is crucial.
Key Takeaway: Looking upstream to identify vulnerabilities in the supply chain and addressing them before they infiltrate state systems is a strategic shift.
4. The Ongoing Battle Against Ransomware
Ransomware remains a persistent threat. State CISOs must be prepared to deal with potential attacks while continually bolstering their defense mechanisms.
Key Takeaway: Ransomware isn't going away, so robust defense and incident response plans are vital.
Join the Cybersecurity Community
If you're a CISO, CIO, Cybersecurity Manager, Vulnerability Manager, or Security Analyst looking for insights, collaboration, and professional growth in the dynamic world of cybersecurity, consider joining CISO Platform. It's a community where knowledge is shared, challenges are discussed, and solutions are discovered.