Delivering Maximum Impact in the Public Sector
Born and raised in California. I served in the military after graduating high school for ten years. And after completing successfully completing my arm service tenure. I became a civilian again and unfortunately. the. That I held as an armed servicemember did not transfer cleanly into the civilian world. So whereas I was the network manager in the military. I kind of add to start all over when I became a civilian. So digits that. Began working on the desktop and couple of years later moved into. The engineer ranks. After mastering NAN began working with small teams as a supervisor. Fast forward to three years after that got my first manager role it's been just an uphill climb since then on say about seven years ago was when I first entered into the executive ranks. And that was as light goal from a to be at the top of a particular foul. And so your position today, can you describe that for us and tell us what's your day to day like? Well, I can day to day is. Very, challenging We Dallas County is the eighth largest county in the United States. We have a thirty nine different departments and agencies that comprise the county, and so as you would imagine, there's a good deal of diversity and so in one day I might be you know working with public works the next day I might be working with the judiciary. The next day I made me working with Members of the court. It's just a great deal of diversity and I like that. But my team specifically. We have responsibility for the county cybersecurity program and really what that entails three different teams. The first of which is we call in threaten vulnerability management. and. We also have another arm. Architecture and engineering, and then we also supply for the hundred fifty or so folks that make up it services audit and compliance so that we can make certain that were firing on all cylinders with respect to our compliance mandates. Can you give us an idea of the scale of your team? How many folks do you have working under you? We have total. In, source and outsource of ten men and women. That make up the team. We've been asked to source streamlining keep things relatively small. and. So we have a number of partnerships. With outside entities that help us to complete the portfolio. For the security services. program. Can you describe for us how that works I mean how do you balance that I would hazard to say as a relatively small team for the size of the organization that you're protecting, and being able to work with outside vendors. Yeah I tend to agree day it is a fairly tall order. And a part of that call for us to take a look at everything that we had in existence. and then looking at how well, we did in the areas that require improvement what tools might we keep and what tools should we replace? And as we sort of went through that exercise with the backdrop being we're going to be small have to be Nimble. Not Do we have to keep the lights on world cross functionally, but we also have to do programs and other projects How can we do all of that remain nimble and so what we came up with wasn't hey I m L. model whereby we would replace just about everything with those types of tools. So that. Overtime and with clean data entering into those systems, we could train those two only stop work for those analysts for those engineers architects. When it was absolutely necessary, and so that's been I guess in eighteen to twenty month journey and I will not tell you that we have arrived but we're much better off in our day to day. Then we were when I first joined almost two years ago. I mean do you have any insights to share in terms of what that journey has been like for for other people who may be considering a similar approach things that they should be mindful of you know Dave I, I have an opportunity because there are so many cities within my counties and because we're making an Dallas county a model for other entities of our size and larger I get a chance to top twelve law practitioners local to the two hundred, fifty four counties set up a Texas as well as those that are outside. Of Our state and one of the biggest challenges that I see facing practitioners. Is that they don't really know where to start. So so you know the the person before them maybe they were doing their best the person before them maybe they add compliance focus. But with respect to growing the program, what I find most often is that. They have not adopted a security framework and conducted. A gap assessment against that, and then prioritize those documents those findings to give them a solid roadmap going forward. That's probably number one without question and it is on a day to day basis as I work with other practitioners very first thing that I subscribe that they should take a look at.