Cybersecurity Staffing Concerns: Interview Questions

By Kevin A. Joiner, CCISP, Chief Information Security Officer, Brazos County, Texas

Cybersecurity is all the rage these days, unfortunately. AI has made local government jobs both easier and harder as we prepare to mitigate attacks from cyber-crime organizations and nation-states. AI integration into many of the security products we use allows for large amounts of data to be analyzed very quickly. This helps reduce false positives in our alerting infrastructure and allows us to spend our time remediating obviously malicious attacks. However, our adversaries are also using AI to create better and more believable phishing campaigns, generate code, and analyze data. This means that these attacks will be less likely to be caught by the ‘good AI.’

Just in case you think the bogeyman of cyber, ransomware, is going away, think again. In August, Tripwire reported ("$75 Million Record-Breaking Ransom Paid To Cybercriminals, Say Researchers") that a Fortune top 50 company paid $75 million in a single ransom payment to the Dark Angels ransomware group. That should be enough to run a mid-sized cyber-crime organization for over ten years. The same article references a $40 million payment in 2021; the lesson here is that cyber-crime organizations aren't going anywhere.

Part of my job is to stay abreast of cybersecurity trends and prepare my county to best handle them. A survey of these trends led to the decision to ask for an additional cybersecurity-focused position. It was approved last fiscal year, and we made our hire this past spring. I couldn’t be happier!

Many organizations are making the decision to hire cybersecurity-focused staff. This can be a challenge for managers who come from a traditional IT background, because cybersecurity acumen is different from typical network or server management. I've had numerous conversations with our fellow TAGITM members about cyber resilience, and more than a few have personally asked me for advice on interview questions.

Before I get to my favorite questions, I feel the need to level set on security posture. Any IT leader needs to decide what they are looking for in a cyber program. Do you want someone who aligns with you in their approach to cyber, so you can work collaboratively and pull in the same direction? Alternatively, you could choose someone with an entirely different approach, to provide balance and a perspective that fills gaps in your own. There isn't a right answer here, and you may not truly decide until you are interviewing prospective employees.

Here are three of my favorite questions:

  1. Security work is a combination of technical skill, policy work, incident response, and people skills. Rank those four from your strongest to your weakest. (A useful variant: rank them in order of importance to a local government.)
  2. Suppose that on a single day 0-day vulnerabilities are disclosed for the firewall, the VPN solution, the OS, the email software, the browser, and application software. In what order would you prioritize patching them? Explain your reasoning.
  3. Assume an attacker has gained remote access to a user desktop in the environment. How would you keep the intruder from effectively attacking the rest of the network? What could have been done to prevent the attack before infiltration? What actions should be taken after infiltration?