CISO Notebook: Putting Frameworks Around RiskDallas County CISO Michael Anderson on Risk Management and Resiliency
Dallas County, one of the 10 largest counties in the U.S., was accustomed to an entirely on-premises workforce. Then came the pandemic. The Texas county's CISO, Michael Anderson, tells how he planned for business resiliency - and why he owes it all to frameworks.
See Also: Rule Life Cycle Management
In a video interview, Anderson discusses:
- Long-term support for a hybrid workforce;
- How the NIST risk management framework helped him prepare his resiliency plan;
- The value he derives from frameworks for cybersecurity risk management.
As CISO for Dallas County, the eighth largest county in the United States, Anderson oversees the information technology security program for approximately 6,800 county employees and the electronic records for over 2.6 million residents. Using NIST 800-53 and 800-30, he is building an IT security practice for the county that could provide a model for others.