Texas A&M University System’s Cody Autrey “likes to dabble in the dark web.” He’s looking for patterns, ideology and tactical moves of various cyber criminals so he, in turn, can analyze potential threats to the many organizations within the system and beyond.
“Threat intelligence is gathering, collecting, analyzing intelligence, looking at that intelligence on a strategic level and then bringing it down to an operational, tactical level and then doing threat modeling,” he said.
Autrey is the manager for cyber risk management within the Texas A&M System Office of Cybersecurity and spoke this week at the Texas Digital Government Summit (DGS)* about the cyber landscape. The office not only serves the university system but also the State of Texas Information Sharing and Analysis Organization (TX-ISAO).
Texas A&M recently renamed its Security Operations Center to the Office of Cybersecurity. The university system, according to the website, has a $7.8 billion budget, 11 universities, a health science center, eight state agencies and the RELLIS Campus. There are more than 153,000 students, and the university spends more than $1 billion annually on research and development.
“What we’re protecting … speaking specifically of A&M: Department of Defense research, intellectual property and any other private or proprietary information that A&M holds — that of our employees or students,” Autrey explained during a Texas DGS session on cyber.
He emphasized that breaking down silos is important to the university’s cybersecurity stance. This means being aware of various division needs, products and vendors and taking cyber concerns to the business side in a meaningful way. Earning buy-in takes time, but he said it’s worth the time to get a bird’s eye view.
Additionally, the university system collaborates and interacts at the state level both on information sharing and as a partner that gives the alarm to potential threats.
“I’ll put our incident response team against any adverse incident response team in the state. They are great at what they do, and what they do is they sit and watch, and they wait,” Autrey said.
When threat actors make a move, “we collect intelligence on it and then we feed the state our intelligence.”
*The Texas Digital Government Summit is hosted by Government Technology. Government Technology and Industry Insider — Texas are both a part of e.Republic.