Denver’s new CISO wants residents to receive cyber training, too

The City and County of Denver last week hired Merlin Namuth, a private-sector cybersecurity expert with 25 years of experience, as its new chief information security officer.

Before joining the Mile High City government, Namuth held roles at several prominent companies in the private sector including Sports Authority, Wells Fargo and Lockheed Martin. As Denver CISO, he is responsible for expanding and strengthening the city’s information security program, ensuring it aligns with industry best practices and regulatory requirements.

“We are thrilled to welcome Merlin to the City and County of Denver,” Suma Nallapati, Denver’s Chief Information Officer, said in the Wednesday announcement. “His deep understanding of cybersecurity makes him an invaluable asset to our team. Under his leadership, the city will strengthen its ability to protect our data and maintain the integrity of our systems.”

Denver, like many cities, is no stranger to cyberattacks.

Earlier this year, the Office of Colorado State Public defenders, located in Denver, was forced to shut down its computer network, after officials became aware of malware-encrypted data within its system. Public defenders, charged with defending those who cannot afford private counsel, were unable to access case information, prompting mass requests for postponements, which may create a backlog of cases across Colorado.

As CISO, one of Namuth’s key responsibilities will be internal cybersecurity trainings across Denver’s city government, to prevent phishing campaigns and other hacking techniques. However, Namuth told StateScoop in a recent interview that he also hopes to offer employee training to Denver residents.

“It’s really difficult for people to recognize if they’ve received a phishing email or not,” Namuth said. “And so I’m looking at some innovative ways that we can help our users, as well as our residents, recognize that and not fall victim to a phishing email attack.”