| How do you build an enterprise information security program from scratch? Most CISOs never have to find out, but that was the reality facing Bob Maley in 2005 when he became the first CISO of the commonwealth of Pennsylvania. His work in the last two years has saved the commonwealth more than $27 million. Maley talks about the challenges of putting together a comprehensive strategy and architecture for 80,000 users on a limited budget.
What was the environment like when you took the CISO job?
The government budget process moves slowly, and is done far in advance. How difficult does that make your planning?
Did you end up needing to do a lot of education with your users around security?