The California Information Security Leadership Award is awarded to individuals who demonstrate outstanding leadership in information security including helping to develop future information security leaders, implementing strategies to promote security awareness, and implementing strong cybersecurity practices within their own organization and/or among government organizations. The three people recognized with this award are:
- Chris Lopez. As manager of Cybersecurity and Engineering (C&E) for the California State Lottery, Lopez was instrumental in making significant improvements to the Lottery’s security posture. C&E worked closely with the Security and Law Enforcement Division and Operations to transform how the Lottery manages its physical security. Over the past year, under Lopez’s leadership, C&E has led multiple efforts increase the Lottery’s security posture including implementation of numerous tools and systems, decommissioning of the Lottery's oldest and most vulnerable system, and rolling out multifactor authentication.
- Todd Ibbotson. As the information security officer for the California Employment Development Department (EDD), Ibbotson develops and implements EDD’s information security program to manage risk and protect EDD’s data. Under Ibbotson’s leadership, EDD’s Information Security Office managed a phishing education program that significantly reduced the rate that EDD employees click on phishing links sent via email. He also effectively managed complex data-sharing agreements and completed numerous security audits during the pandemic, while simultaneously supporting EDD’s overall efforts to attract and retain talent in a challenging employment environment.
- Daniel Temisanren. As the departmental information security officer for the Los Angeles County Registrar-Recorder/County Clerk, Temisanren is chiefly responsible for securing the IT systems that support LA County’s elections, including the recently deployed Voting Solutions for All People. Among other innovations, Temisanren has been central to standing up the Elections Cybersecurity Operations Center (E-CSOC), which was built to address the unique challenges of running a security program that oversees election infrastructure, including the monitoring of hundreds of temporary vote center locations. During major elections, he leads a team of analysts providing 24/7 security monitoring for the duration of the 11-day voting cycle. As a key part of the organization’s cybersecurity plan, the E-CSOC provides early detection of threats that may jeopardize elections.
The Best Information Security Collaboration Award recognizes a group of individuals working as a team through cross-organizational and disciplinary boundaries in risk reduction, mitigation or response. This can be a team or taskforce of individuals or organizations including state, federal, local, tribal, territorial, academic and private sectors.
- MISAC and MS-ISAC Partnership. The Municipal Information Systems Association of California (MISAC) and the Multi-State Information Sharing and Analysis Center (MS-ISAC) collaborated as a means of information sharing and coordination among local governments. Under this partnership, more than 2,000 municipal governments in California have been introduced to real-time cyber threat intelligence, no-cost cybersecurity services and peer-to-peer collaboration opportunities specifically tailored to local government organizations. As one example, MS-ISAC’s web security service, Malicious Domain Blocking and Reporting, has blocked 5.2 billion potential cyberattacks for MS-ISAC members in California since 2020. For its part, MISAC helped grow the MS-ISAC’s membership by 40 percent in California since 2020, greatly expanding the number of municipal governments able to leverage the suite of no-cost cybersecurity resources they offer.
- Marin Security and Privacy Council. Jason Balderama, chief information security officer for Marin County, established the Marin Security and Privacy Council (MSPC) to facilitate the sharing of cybersecurity and digital privacy information, resources and best practices for public and private agencies in Marin, with the goal of increasing awareness and helping prevent cybersecurity incidents and breaches.
Security Innovation
The California Information Security Innovation Award is for an individual or team that has demonstrated innovation in information security within their organization. An example is an individual or team that created a program to foster a culture of security, or an individual or team that showed leadership through tools, procedures and processes or implementing innovative solutions.
San Diego County has implemented a permanent teleworking program in which nearly 8,000 employees are routinely working from home using different computers and networks. The county significantly reduced security vulnerabilities while significantly improving the county’s IT security posture. All of this was completed while continuing to support a workforce conducting nearly half of the county’s operations from remote non-county facilities.
Excellence in Privacy
The California Excellence in Privacy Award goes to an individual or team that has demonstrated leadership and/or innovation in privacy. This year’s award winner is the Comprehensive Public Privacy Review for automated license plate readers by the San Jose IT Department and the San Jose Police Department.
The city introduced stationary automated license plate reader cameras to San Jose collaboratively with privacy experts, residents and city staff. The city held in-person and online meetings, consulted its task force of privacy professionals, and crafted novel signage to engage residents when they see the technology. In response, the city received exceptional constituent feedback that informed its policies, support and appreciation for including them in the process.
*Government Technology and Industry Insider — California are part of e.Republic.
