Government Technology* asked him four questions:
1. How has your background prepared you to work in Austin?
Working in Dallas and now Austin is way different from the private sector, where you have a lot more of a top-down approach. In the public sector, you have a lot more voices to deal with. When I was with Air Medical, all we did was EMS and picking up patients. Here we have 43 departments doing very separate things.
With Dallas and Austin, the sizes of the cities are pretty close, but the populations and politics are a little different. So, navigating that has been a little different, and IT was more centralized in Dallas, and now that’s kind of where we’re heading in Austin. There’s multiple security teams in Austin, whereas in Dallas I had one security team.
2. What are your top cybersecurity priorities?
Our top priority is resiliency. A lot of cybersecurity focuses on how to defend and protect. We still want to do those things, but the core is more about resilience, because in the public sector, you’re going to get hit with something at some point. So, you need to figure out how you’re going to get back on your feet as fast as possible.
We’re working on how to segment and reduce the blast radius. If the homeless solutions department gets hit, it doesn’t affect our police department. We don’t want to be dealing with a completely flat network. If we’re able to segment the departments, we’ll be able to get those that are hit by cyber incidents back on their feet as fast as possible, while not affecting other departments.
3. How do you collaborate with other departments?
I’m still learning the landscape in Austin, and it’s a complicated organization, but Dallas was the same. It took me a long time to meet everyone and understand what they do and where they do it. Eventually there wasn’t a department director or even assistant director who I didn’t know. But I’m still building those relationships in Austin, and those are super important because you need everyone to know who to call. You also need everyone to start to understand what the processes are around cybersecurity so you can improve your posture from the personnel side.
4. What are the biggest cyber threats cities are facing this year?
Ransomware is morphing a little bit. It’s not so much focused on the ransom encryption piece, but more on the data that they’re exfiltrating and stealing. Ransomware is always a big threat, and it’s still in play.
Another big player is AI. In government, we have to vet AI products on how they impact our residents’ privacy and data. We have to take a more methodical approach toward engaging AI, while the bad guys just go buy it off the shelf. With phishing campaigns, they’re probably already using it to write malicious code to attack.
The other piece with AI is data poisoning. If a city is using a large language model with data, the bad guys can start poisoning that data, so it gives the city bad information to make decisions. Having bad information is worse than having no information. If bad guys apply it correctly, they could actually affect the city budget, potentially getting into bond programs and rerouting bond money to themselves.
*This story first appeared in Government Technology, Industry Insider — Texas' sister publication.
