Event Calendar
Key Findings and Recommendations of the 2020 Deloitte-NASCIO Cybersecurity Study
Webinar Only
Wednesday, December 16, 2020, 11:00 AM - 12:00 PM EDT
Category: Forum Events

Rick Comeau will present key findings and recommendations from the recently published “2020 Deloitte-NASCIO Cybersecurity Study.” Deloitte and the National Association of State Chief Information Officers (NASCIO) again partnered on this 6th biennial report, which included the direct feedback of Chief Information Security Officers representing 51 States and U.S. Territories. The survey questions and responses underpinning the 2020 report were also updated midstream to capture information relevant to the dramatic shifts in state government IT environments and associated cyber risks and challenges brought on by the COVID-19 pandemic.  The presentation will also compare the results and recommendations of the Deloitte-NASCIO Study with those of similar, recent reports and doctrine intended to assess, better understand, and recommend improvements to State & Local Government cybersecurity.

Speaker: Rick Comeau, CISSP, MBA

Rick is a Senior Manager in Deloitte’s Risk & Financial Advisory practice, with over 15 years of experience in security assessments, cyber risk management, and cybersecurity standards development within the public and nonprofit sectors.  His main areas of focus are cyber risk services for government and public sector clients, particularly State & Local (S&L) governments. He has led various S&L government cybersecurity engagements, including elections information and infrastructure security assessments; information system contingency plan development; and network & system vulnerability assessments.

Rick spent several years at the Center for Internet Security (CIS), where he led the CIS division that publishes the globally recognized, industry standard benchmarks for securely configuring a wide range of IT systems, applications, and devices. These standards (“CIS Benchmarks”) are specifically referenced by higher level security standards and frameworks such as the Payment Card Industry Data Security Standard (PCI DSS) and Federal Risk and Authorization Management Program (FedRAMP).

Rick also served as an executive at the New York State Office of Cybersecurity & Critical Infrastructure Coordination (CSCIC), where his responsibilities included program and budgetary management of the Multi-State Information Sharing & Analysis Center (MS-ISAC). The MS-ISAC is officially recognized by the U.S. Department of Homeland Security as the national cyber threat and vulnerability information sharing hub for all State, Local, Tribal, and Territorial governments and is now a sub-organization of CIS.

Rick began his career as an officer in the U.S. Coast Guard performing various operational duties, including enforcement of fisheries and environmental laws, search & rescue, and narcotics trafficking interdiction.

Presentation

  • PDF, (Adobe® PPT, 778 KB)