Session Description:

Many public sector organization’s struggle to establish a culture of cybersecurity for various reasons like lack of funding, resource, etc. This is not a problem unique to the public sector given the overall shortage of cybersecurity talent in the overall global environment. Given these challenges, how can your organization establish a culture of cybersecurity with the resources they have that protects your assets and stakeholders? In this presentation we will discuss the unique cybersecurity risks present to the public sector and applicable challenges to establishing an effective cybersecurity program. Furthermore, we will discuss actions organizations can take to identify resources and funding sources to establish a cost-effective program that addresses the highest of common cybersecurity risks.

Presenter: Kyle Miller, CISSP, CISA, CDPSE, QSA 

Principal, Cybersecurity Consulting 

Kyle has over a decade of cybersecurity auditing and consulting experience. He also has experience providing IT system implementation, maintenance, and support in a higher education environment. Kyle’s current focus is in providing cybersecurity related audit and consulting services to clients in the public sector where he serves as Plante Moran’s cybersecurity industry champion. He serves as a trusted advisor to many state and local governments, airport, transit agencies, special districts, higher education, and K-12 organizations. Kyle focus is in interpreting various information security related standards, frameworks, and regulations (e.g.,  NIST, CIS, PCI DSS, GLBA, CJIS, FERPA, HIPAA, etc.) and helping organizations understand their overall risk to establish prioritized roadmaps to address that risk. Kyle’s professional certifications include the Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Data Privacy Solutions Engineer (CDPSE), and Qualified Security Assessor (QSA). He is an active member of the Information Systems Audit and Control Association (ISACA) international volunteer body of committees, working groups, and advisory councils, as well as a member of the International Information Systems Security Certification Consortium (ISC2).