As cybersecurity threats grow statewide, Florida is positioning itself as a major player in curtailing the growing tech epidemic.
While companies and agencies continue to make major investments in combating hackers, groups like the Florida Digital Service and others are finding ways to better leverage and deploy technology to better serve Floridians.
One of the leaders on the frontlines in the cybersecurity fight is Government Affairs Consultant Lisa Aaron. With over 35 years of statewide experience, Aaron and her Tallahassee firm are running point in Florida, serving on the recently-established NightDragon State and Local Advisor Consortium. The group of industry leaders, which includes leading advisors and government relations experts, are providing technology solutions to state and local government agencies to help bolster cybersecurity measures.
Aaron sat down with The Capitolist to discuss these ongoing efforts, Florida’s partnership with NightDragon, as well as an outlook on the state’s cybersecurity scene.
Q: Can you give us a rundown of the state’s cybersecurity scene and what you and other experts are working on to safeguard sensitive information?
Aaron: With the global pandemic, we have seen an aggressive push in IT modernization and adoption of cloud technology. With that comes the need to adjust and adopt more aggressive cybersecurity technology because the threat vector has shifted. The borders/perimeter are now open with the remote workforce and providing access to citizens. Florida is working to safeguard against this shift in how commerce is conducted and many agencies are implementing a zero-trust architecture.
Q: As cybersecurity threats mutate, Florida’s government is experiencing a notable uptick in hackers. What are some potential risks or challenges that the State is looking to minimize?
Aaron: Statistics show that there is a ransomware attack on state and local governments every 33 seconds so resiliency planning is a major area of focus for state and local agencies. In addition, 94% of all breaches are identity-related so many of the agencies are looking to beef up their identity governance and compliance. Another area of risk is the talent pool as it relates to cybersecurity. Many agencies are having a hard time recruiting and retaining security professionals so they are looking to private companies for managed security services.
Q: Are we seeing similar issues in other states?
Aaron: Yes. All state and local governments are seeing an uptick in cyber attacks. Statistics show there has been a 600% increase in cyber attacks since the global pandemic began. The National Association of Chief Information Officers surveyed all fifty state CIOs and found that Cybersecurity and Risk Management is their #1 priority.
Q: Obviously, the $30 million earmarked by the Legislature, as well the new-established Florida Digital Service (FLDS), will play a big part in helping protect the State from cybersecurity attacks. How are cybersecurity experts looking to allocate this money?
Aaron: The money has been allocated in multiple buckets. The Florida Digital Service will be looking at cyber security assessments and asset inventory, identity management, industrial control systems/critical infrastructure hardening, security information event management, vulnerability management and a Cybersecurity Operations Center.
Q: With experience inside the Attorney General’s Office — and now with your own outfit — how have cybersecurity threats evolved in Florida?
Aaron: The big antivirus companies established in the 1990s dominated the cybersecurity industry for about 20 years. Then we started to see more organized attacks used to obtain millions of consumer credit cards numbers. Today, we are seeing attacks to supply chains, critical infrastructures like water treatment plants and power grids and ransomware. Cyber security companies today are using strategies like artificial intelligence, machine learning and behavioral detection to combat these bad actors.
Q: Running lead on Florida’s behalf in a new partnership with NightDragon, what are you working on and how will this new effort help bolster cybersecurity in our state, as well as California, Texas, and New York?
Aaron: The NightDragon portfolio is a carefully selected group of innovative, leading and growth companies in the cybersecurity, safety, security and privacy industries. NightDragon works closely with each of these companies to drive market leverage, accelerate industry partnerships and create a long-term path for growth.
Gartner, a leading technology research company, predicts that Security Access Service Edge (SASE) will become the new standard for security in the coming years. We have some cutting-edge technology that has been developed to do just that. The NightDragon portfolio also includes companies that can do everything from protecting applications in the cloud to detecting bad bot behavior to application relationship management.
Lisa Aaron is President of Lisa Aaron Consulting (LAC), a Tallahassee firm focused exclusively on information technology. She also represents Florida on the NightDragon State and Local Advisor Consortium to help combat rising cyberattacks.
NightDragon is an investment and advisory firm focused on growth and late-stage investments within the cybersecurity, safety, security and privacy industries.