As a former Navy cryptologist and the current CISO of the City of Phoenix, the individual views cybersecurity as a form of evolving warfare, much like how combat technology has advanced from slings and stones to modern nuclear weapons. They emphasize the importance of adopting cutting-edge technologies like Security Orchestration, Automation, and Response (SOAR) while recognizing key challenges faced by organizations and vendors.
The CISO highlights that many organizations are eager to implement advanced technology for cyber defense but often struggle with fundamental security practices. Vendors, on their part, tend to focus on marketing rather than effectively addressing breaches. The CISO stresses the need for a robust, foundational approach to cybersecurity that goes beyond just technological solutions.
Their strategy involves acquiring the best methods and tools based on thorough research, data analysis, and conversations with peers who have firsthand experience with specific technologies. They avoid getting locked into a single vendor’s ecosystem to maintain flexibility and cost-effectiveness. The CISO also values balancing technology with human capital and often works with managed security providers to manage expenses and enhance cyber resilience.
Reporting directly to the city manager and council, the CISO aims for cyber resilience — ensuring minimal damage and smooth operations during cyber attacks rather than complete security. They lead by example, leveraging their background in cryptologic warfare to guide their team with agility and continuous learning. They advocate for ongoing education, collaborative learning, and a strong team dynamic to build a secure and resilient organization.
