By Brandon Rogers, CISSP, CISM
Staying on the forefront of cybersecurity in today’s world requires a multifaceted approach. Understanding the county’s mission and goals, having strategic focus and leveraging partnerships are all key to the success of an information security program.
Understanding the political and business drivers of county departments is important for the proper balance of business functionality and security. It matures the business relationship from security being a support department to it being a strategic partner helping county departments achieve their missions and goals. Texas counties do not all operate the same, and what might work for one might not work for all. By taking the opportunity to include business drivers in your information security plans, you will find that your security solutions not only protect your county but also add value to that county department by reducing compliance/operation risk and supporting efficient and effective business outputs.
Properly planning for the future with business and compliance road maps helps ease the regulatory compliance strain within organizations. Information protection regulations have increased in requirements and complexity, often being updated and changed on an annual basis. Planning for new technologies such as cloud and hosted services requires a change in mindset and operations in order to be able to take full advantage of the technology without adding risk to the organization. This allows time for proper planning to build security and compliance into solutions instead of bolting them on after the fact.
Partnerships are key to staying updated with topics in technology and security. Even while working remotely, there are still opportunities to join regional information security organizations, collaborate with other counties and team up with city, state and federal partners. Additionally, you can leverage the vendor community to stay connected to your industry and the people with whom you do business. Staying connected is essential because the threat landscape is constantly changing, and technology teams are struggling to resource adequate responses to that very changing landscape.
As we all know, there is no one-size-fits-all approach to strong cybersecurity, especially at the local government level. But by expanding our thinking from a siloed view and taking a multifaceted approach, protection of our networks becomes a team sport, involving people at every level and planning for a stronger, more secure future.
Brandon Rogers, a certified information systems security professional and certified information security manager, is Travis County’s chief information security officer for technology and operations.