Fraud Management & Cybercrime
,
Governance & Risk Management
,
Remote Workforce
Deputy State CISO of Arizona on Why Intermediaries Are Needed for Info Sharing
Arizona has long been a leader in leveraging IT and providing digital services to citizens, but across the state and country alike, new challenges are emerging in the wake of the pandemic, and with them come new threats and risk factors.
See Also: Rapid Digitization and Risk: A Roundtable Preview
“The biggest concern, especially now with everyone moving to remote work, is: We’re having to shift focus to look at our endpoint protection and our users,” says Ryan Murray, deputy state CISO of Arizona.
Murray stresses that it’s not a job state government can do on its own. “We have to rely on our private sector partners to help provide some of those capabilities,” he says.
Trust plays an important role in the success of public-private partnerships for information sharing and security. Murray recommends engaging a “trusted intermediary” between public-private partners. “We’re partnering with an organization called the Arizona Cyber Threat Response Alliance or ACTRA that sits in the middle between private and public, so private sector organizations can feel comfortable sharing that threat information through an anonymous source to the government to be able to protect themselves better, and vice versa.”
In this video interview with Information Security Media Group, Murray discusses:
- How Arizona is engaged in public-private partnerships for information sharing and security;
- What the “cybersecurity poverty line” is, and what it means for the security industry;
- An overview of the state of Arizona’s cybersecurity readiness program.
Murray serves as both deputy director for the Arizona Department of Homeland Security and deputy state CISO. He was previously the CISO for the Arizona Department of Revenue. Prior to joining the state in 2018, Murray worked for several other public sector agencies in Arizona, including Maricopa County and the Crane School District. He has nearly 20 years of experience in IT and information security.