StateScoop highlights 2017 State Cybersecurity Leader winners
The State Cybersecurity Leader award recognizes the state leaders who demonstrate a passion and focus on keeping systems secure and thinking about security in the big picture of state IT.
Danielle Alvarez
Chief Information Security Officer
State of Florida
Danielle Alvarez transformed Florida’s IT landscape by adopting the Florida Cybersecurity Standards to support enterprise services, create a common languageand improve security for agencies. She secured $4.1 millionto identify state cybersecurity needs and promote enterprise program execution, which will save taxpayer dollars and improve Florida’s security posture. Alvarez advocated training for personnel on high-impact security functions and led installation of a new SIEM platform based on Splunk technology. She promotes effective governance to enhance integrity of state systems that host citizen information and sensitive data. Alvarez is currently drafting a strategy to bolster advanced cyber-response capabilities throughout Florida.
Frank Andrews
Chief Security Officer
State of Arkansas
Frank Andrews has served as the state chief security officer since November 2013. He recently helped spearhead a cybersecurity risk assessment of the state IT environment in Arkansas. Andrews is a member of the DIS executive leadership team where he help provide guidance and counsel to the agency director on all cybersecurity-related matters.
Deborah Blyth
Chief Information Security Officer
State of Colorado
ColoradoCISO Deborah Blyth managed to crush all metrics with regard to cybersecurity risk. In the last year Colorado’s overall risk scorehas gone down 30 percent and is well intothe low-risk range specified by the state. Blyth and her team tackle 8.4 million security events daily, and continue to move the needle by using state-of-the-art technology that breaks that number down into quantifiable categories of whats a real threat and what is not. Blyth often says, People ask if our systems are secure. The mistake is thinking that you are ever secure. Its a never-ending job.
John Griffin
Manager, Enterprise Information Security Operations Center
State of New York
In his role as interim Security Operations Center manager, John Griffin works diligently to manage cybercommand incidents for New York state. Through his leadership and mentoring, New York state agencies have been able to recover from ransomware, phishing, and targeted system attacks. John’s commitment to protecting the state has resulted in improved citizen data protection, as well as prioritization of investments required by New York state to improve cyber security effectiveness. John is committed to ensuring that the state of New York is secure and prepared for potential cybersecurity challenges.
David Kelly
Captain, Michigan Cyber Command Center
Michigan State Police
Capt. David Kelly is building next-generation platforms that integrate diverse data sets, analyze data, and present users with customizable dashboards. Kelly has pioneered data sharing within the MSP and his efforts have gained the commitment/participation of other state departments of government. He has championed the public/private sector sharing of cybersecurity events as prevention through education tool. His team’s newsletter reaches more than 800private sector partners. Kelly also is leveraging tools to exploit the dark web as an intelligence source forinvestigators and critical infrastructure partners.
Peter Liebert
Chief Information Security Officer
State of California
A federal cybersecurity analyst, Navy officer, private sector project manager and now chief information security officer for the State of California, Peter Liebert is securing the technical environment in one of the largest public-sector organizations in the nation. Alongside his CISO role, Liebert also serves as director of the Office of Information Security in the California Department of Technology. Liebert has reported that the more complex and difficult a job, the more enticing it is to him, which is why he is now charged with leading California out of a complex security audit completed in 2015 that leaves a lot of work left to be done.
Kirk Lonbom
Chief Information Security Officer
State of Illinois
Kirk Lonbom issued the first comprehensive cybersecurity strategy in the states history the first enterprise plan to protect all state systems and information from attackers andsecured 4.9 billion records of sensitive information by working across agencies, boards and commissions to encrypt or remove the records. He introduced an enterprise-wide cybersecurity training program for all state employees to empower staff to be the first line of defense against cyberthreats and established an enterprise-wide Information Security Risk Management Framework to assess and reduce risk across 62 agencies, boards and commissions in the state. He also established automated and repeatable processes to optimize the response to information security incidents.
