Virginia went from thinking it could detect and block every attempted compromise to realizing the threat was too big and that it must be ready to respond and rebound. Watson helped evolve the state’s defense and resiliency approach, including adopting sophisticated, machine learning-powered suspicious activity analysis tools; automated response systems; updated training; and other new strategies.
When Watson kicked off his career, Virginia was focusing heavily on the confidentiality piece of the fundamental cybersecurity triad of confidentiality, integrity and availability. The state strengthened its approach to protecting sensitive data and responding appropriately should any be exposed. Then ransomware’s rise prompted increased efforts around availability. That included looking at how to maintain operations during system disruption and recover after such an attack.
Now the advent of AI-powered phishing and deepfakes is putting new focus on integrity. Generative AI’s emergence rendered the state’s employee phishing detection training outdated “in minutes,” and Virginia is now looking to develop new training. Keeping everyone informed as threats rapidly evolve can be one of the most challenging, but impactful, parts of the job.
Being a CISO is also about relationships and understanding others’ needs. Cybersecurity must avoid being seen as an obstacle to other agencies, which, in their frustration, might seek workarounds to security restrictions, Watson said. As such, when the cyber team deems a proposal to be too risky, it aims to be ready to suggest alternative approaches.
Watson is also deputy CIO and spent a period as acting CIO. That’s given him insight into the budget constraints CIOs face and helped him understand how to position cybersecurity needs within the context of the bigger IT picture.
This story originally appeared in the May/June 2024 issue of Government Technology magazine.