What to Know About the State’s Cyber Landscape

During an Industry Insider — Texas webinar, John Miri, president of the Electric Grid Cybersecurity Alliance, discussed what agencies and industry partners need to know about the state’s cybersecurity landscape.

Below are a few takeaways from the event, including some of the latest cybersecurity trends, challenges and opportunities in the Texas SLED market.

KEY MACRO TRENDS IN CYBERSECURITY

When discussing the overall state of cybersecurity in Texas, Miri emphasized that the concept of cyber has become more pervasive than it used to be.

“It used to be that we focused mostly on information technology,” Miri said. “One of the biggest trends that I think is going on, especially in Texas, is that cybersecurity is becoming an issue with all technology,” including operational technology.

For context, information technology refers to systems that store, retrieve and communicate information, like a website or an accounting system. Meanwhile, operational technology refers to hardware or software that detects or creates change by directly monitoring or controlling specific equipment — like a system that collects video footage from a police car.

As a result, one of the key macro trends in cybersecurity, according to Miri, is an increase in security applications that impact both IT and operational technology.

ADDRESSING CYBER MARKET CHALLENGES

Issues that might affect vendors include technical debt, aging systems and keeping up with maintenance and operations.

Miri’s main takeaway was to leverage these challenges into opportunities.

“We look at day-to-day maintenance and operations and say, ‘well, we’ve got to pay that, right?’ Or you’ve got technical debt and older systems, and some people will say, hey, as soon as I have my life in order, that’s when I’m going to clean up my house,” he said.

Instead, he recommends using cybersecurity to address challenges and create better solutions.

“When I started at [Lower Colorado River Authority], there was technical debt, and there were systems that we wanted to improve. When we brought cybersecurity into the equation, it changed the business case and gave additional benefits to some of those projects,” Miri said.

OTHER KEY TAKEAWAYS

Other takeaways from Miri:

• Ask buyers which certifications or regulations are important to them. (i.e., TX-RAMP, FedRAMP, StateRAMP, NIST, etc.)
• “You can’t win a war with only air support. You need ground troops too” — meaning don’t limit yourself only to speaking with CIOs or CISOs when selling a product. Get to know the other players involved in the process, such as IT managers or system analysts.
• Lobbyists can do a lot of good and a lot of damage. Work with them wisely. For example, when used incorrectly, lobbyists can alienate actual buyers and delay projects, or make something look political when it’s not.
• Ask questions instead of telling people stuff — meaning find out more about your customer and understand what they need instead of telling them to just buy your product.
  

More information about the event can be found here.