SC World Congress: A budget crisis is a terrible thing to waste

Share this article:

Though the country is currently facing an economic downturn, the state of Michigan has been in a recession since 9/11. That cloud has had a silver lining for the state's CISO, Dan Lohrmann, who optimistically claims that “a budget crisis is a terrible thing to waste.”

Lohrmann was part of an SC World Congress panel discussion Wednesday entitled “Cybersecurity from the eyes of an executive” with other panelists, Howard Israel, corporate security officer of Fidessa Corporation and Dave Cullinane, CISO of eBay.

Lohrmann said that he has had to deal with some pretty dramatic budget cuts. When he became CISO in 2002, he was hoping for $30 million to do several major security projects.

“I was thinking I was going to go to the Governor's office and get $30 million,” Lohrmann said. “Well, guess what? It didn't happen.”
 
The Michigan Department of Information Technology recieved $6.5 in Homeland Security grant money for security initiatives. Not the $30 million Lohrmann hoped for, but with that money his operation was able to complete more than 30 cyber projects, as well as develop partnerships with other states and federal departments to get things done, Lohrmann said.

Forced to do things with less money, Lohrmann started evaluating, “What can I do, what relationships do I have?” The answers were building trust with others, being a deliverer, thinking outside the box and looking for opportunities. That meant getting on the right committees, seeking grant money and looking to establish partnerships with the private sector or other organizations, Lohrmann said.

As for other recommendations, Cullinane said establishing a relationship with the key leadership of your company and their underlings is important.

“You need to be able to go in and explain to the business managers what the value of security personally means to them, and get them to understand what you can do for them.”

That means explaining their risk profile, Cullinane said.

Lohrmann said that it's also important to work from the bottom up, instead of just top down -- to get the front-line workers excited about security.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

LEADS Act addresses gov't procedure for requesting data stored abroad

LEADS Act addresses gov't procedure for requesting data ...

Senators introduced the legislation last week as a means of amending the Electronic Communications Privacy Act (ECPA).

Report: Intrustion prevention systems made a comeback in 2013

Report: Intrustion prevention systems made a comeback in ...

A new report indicates that intrusion prevention systems grew 4.2 percent in 2013, with growth predicted to continue.

Mobile device security sacrificed for productivity, study says

Mobile device security sacrificed for productivity, study says

A Ponemon Institute study, sponsored by Raytheon, revealed that employees increasingly use mobile devices for work but cut corners and circumvent security.