The continual growth of the Internet has made it easier for hackers to spread computer viruses, increased the threat of identity theft and created the possibility of a virtual terrorist attack. With these intangible security risks comes the need for an expert in information assurance: the chief information security officer.
“The fact that technology and the Internet [have] become so pervasive has created incredible opportunity for business, but it’s also created a whole new set of risks,” said Dan Lohrmann, the first CISO for the state of Michigan, who explained that the advantage of the Internet is it makes the world function “7 by 24 by 365.”
“But guess what? The bad guys can work 7 by 24 by 365,” he said. “Why didn’t you see a chief [information] security officer 20 years ago? [Because back then] you couldn’t sit in Siberia, drinking vodka next to a snowdrift and hack into some business in Michigan. The Internet’s allowed that or at least the potential for that.”
The CISO, which was a rarity five years ago, has become more pervasive in corporations as well as state governments. For Lohrmann, who has more than 20 years of technology experience, changing the culture of the government’s employees was a big part of this new role.
“When I first got to state government, it was wide open,” Lohrmann said. “The biggest security problem was people were walking in off the streets, walking into cubes and stealing purses and leaving. It was a lax…
Please log in or subscribe to read this article