CISO Compass: Setting aside emotions to combat threats

Dear Washingtonians!

When watching Super Bowl 2020 earlier this month, I was struck by how Kansas City Chiefs' quarterback Patrick Mahomes took his team from 10 points behind with only nine minutes left to win the game 31-20. It was a masterful performance that exemplified his ability to set emotions aside and do what was needed to defeat his opponent.

I see a commonality between the challenges Mahomes overcame for his team and a new information security threat that's using the coronavirus epidemic to attack computers - the need for emotional intelligence.

Emotional intelligence is the ability to identify, understand and manage emotions. Stated more simply, it is the ability to make emotions work for you instead of against you. What happens when we lack emotional intelligence? We react. We panic.

The coronavirus epidemic is being used by bad actors to play on our underlying fears, including using phishing emails that claim to have information about virus infections in our surrounding area - if users click on a link or an attachment.

Phishing continues to be one of the most highly used methods to compromise the security of organizations and individuals.

This latest attack is an opportunity to remind ourselves and the people around us not to react instinctively when confronted with an alarming email. Remember, these threats are increasingly difficult to distinguish from legitimate emails and are growing in volume and sophistication.

Mahomes, when asked how he was able to bring his team from behind to win the Super Bowl, said: "I just try to be the best I can be."

We all need to be the best we can be in combating these attacks.

With that in mind, I would like to recognize our Strategic Advisory Groups, subsets of the Chief Information Security Officer (CISO) Council, for their hard work helping the state implement new security functions prioritized for the first half of 2020. These efforts will undoubtedly improve the security posture of the state of Washington.

I recently finished my first 100 days as the state Chief Information Security Officer, and I cannot be more excited and honored for this role. I am constantly grateful to be working with such talented colleagues, state leaders and my team at the state Office of Cybersecurity.

Here's my question for you: What can the state do to be the best it can be in 2020 to combat information security threats?

I welcome your thoughts and ideas and look forward to our continuing partnership to serve this great state. Thank you for the work you do, and for your efforts to keep Washingtonians' data safe.

Vinod Brahmapuram

State Chief Information Security Officer