Access your Pro+ Content below.
Agnes Kirk on the role of CISO, Washington's state of mind
This article is part of the Information Security issue of October 2017, Vol. 19, No. 8
Agnes Kirk has played a key part in the security posture of Washington state for 12 years. The CSO role was created in 2004, and she took the position in 2005. But the work included ever-growing cybersecurity responsibilities as more and more government functions moved online. When the separate role of CISO was created, Kirk got the job. Appointed by the state CIO, Kirk serves in both the role of CISO and as head of the Washington State Office of Cyber Security. The OCS, which is part of Washington Technology Solutions, sets the strategic direction for protecting the state's information and infrastructure -- transportation networks, power systems and financial services. Kirk also chairs the state of Washington Cyber Incident Response Center and serves on multiple boards and committees. In July 2017, the Washington state National Guard's cybersecurity unit indicated plans to become more involved in national and local incident response. Like many states, Washington has weathered its share of damaging cyberattacks. In October 2016,...
Access this PRO+ Content for Free!
Features in this issue
Data breaches and incoming regulations are heightening the need for a data-centric security model, say security leaders. Here’s how to gain control and stop unauthorized use of your data.
A state CISO champions innovation for Washington, from early development of a single sign-on system to leadership of the new Office of Cyber Security.
Until WannaCry and NotPetya, estimates of ransomware cost and damages were likely overblown. But indications are that companies lost hundreds of millions from these malicious attacks alone.
Columns in this issue
When Yahoo finally disclosed a massive 2014 data breach to up to five hundred million affected account holders in September 2016, some already had legal representation.
The 'father' of the Orange Book has first-hand knowledge of the standards required for classified computer systems and the issues with subversion.