



How San Diego’s CISO battles cyberthreats

Jan 27, 2017 | 4 mins
Cybercrime, IT Leadership, Security

An overwhelming amount of ransomware and phishing attacks plague private and public companies. Columnist Rob Enderle writes how one CISO is successfully defending against the current threat landscape.


Things are getting ugly out there. I had a chance this week to chat with Gary Hayslip, who is the first CISO for the City of San Diego. He also co-authored the book “CISO Desk Reference Guide” about the changing roles of the CISO and how to be prepared for today’s threat landscape. This discussion came on top of a Forrester Report [Disclosure: The report was funded by Varonis, a client of the author] detailing just how poorly prepared private and public companies are to protect their data, and the devastating breaches in companies like Yahoo and organizations like the Democratic National Committee.

Let’s talk about what I learned from Gary and we’ll close with some of the highlighted survey results. By the way, Gary will be at RSA and is a fascinating guy to talk to, so if you are there and see him, you’d likely find a chat fascinating.

Management is important

One of the reasons San Diego is in far better shape than most of the organizations I speak to is that the mayor and the city council, likely because of the growing tech presence in San Diego, were solidly behind the effort to make the city more secure. One of the primary reasons I see security efforts fail is that the security organization is often treated as little more than a symbol and is generally under-resourced and underfunded. That isn’t the case in San Diego. At around 1.5 million people, San Diego is ranked 8th by size in the U.S.


San Diego’s problem

Currently the city is managing 5 petabytes of data that is effectively owned by its citizens. This is a massive amount, and when Gary took over, no one seemed to know who was accessing this data and how it was being used. This represented a huge city resource/asset, responsible for an equally large city cost, and it wasn’t being adequately managed or protected.

Phishing and ransomware attacks have increased sharply (ransomware by 10x) over the last several years. In addition, the city has a whopping 4,000 vendors who have permissions to access and potentially change city data, any number of which possibly could be fake.

Security fix

He looked at a broad cross section of solutions, and only Varonis did what he felt needed to be done. This allows him not only to respond immediately to internal breaches, but also to nip successful ransomware in the bud, limiting the damage done. He got there by having a detailed understanding of the exposure, so that he could set a rigid criterion that was vendor independent, allowing him to get underneath marketing and sales promises and select the best vendor. His process is likely as important as his selection.

Now, one interesting security product they are exploring is Flowscape from Webroot, a deep learning network anomaly tracker. On paper, it looks like it is incredibly advanced, and I’ll be interested to see how his evaluation goes. One troubling thing Flowscape apparently identified was that a lot of the devices they have with Chinese components connect to the component supplier in China regularly, something they were unaware of (these are things that range from connected parking meters to stop lights).

But this showcases that, as in any well-secured shop, you use multiple layers of security products, often from different vendors.

Using tech right to combat the threat landscape

It is always interesting to see if the local government in a high-tech region makes use of technology to aggressively advance productivity and defend against threats. I’m often more disappointed than surprised. However, Gary Hayslip and San Diego were exceptions in that they seem to have a strong handle on what needs to be done and what tools are needed to do it.  

If you get a chance you might want to check out Gary’s book and if you see him at RSA — again, you’ll likely find him an interesting guy to chat with partially because he came out of the DOD. And that last may explain why he has a sense of humor, because you have to in order to survive this, and why he has been so successful in San Diego. Finally, kudos to San Diego’s mayor and city council. It isn’t often I speak of politicians as folks that get things done. You folks did and it makes me regret I’ve never lived in your fine city, especially now when I’m up to my hindquarters in snow.  


Rob Enderle is president and principal analyst of the Enderle Group, a forward looking emerging technology advisory firm. With more than 25 years’ experience in emerging technologies, he provides regional and global companies with guidance in how to better target customer needs with new and existing products; create new business opportunities; anticipate technology changes; select vendors and products; and identify best marketing strategies and tactics.

In addition to IDG, Rob currently writes for USA Herald, TechNewsWorld, IT Business Edge, TechSpective, TMCnet and TGdaily. Rob trained as a TV anchor and appears regularly on Compass Radio Networks, WOC, CNBC, NPR, and Fox Business.

Before founding the Enderle Group, Rob was the Senior Research Fellow for Forrester Research and the Giga Information Group. While there he worked for and with companies like Microsoft, HP, IBM, Dell, Toshiba, Gateway, Sony, USAA, Texas Instruments, AMD, Intel, Credit Suisse First Boston, GM, Ford, and Siemens.

Before Giga, Rob was with Dataquest covering client/server software, where he became one of the most widely publicized technology analysts in the world and was an anchor for CNET. Before Dataquest, Rob worked in IBM’s executive resource program, where he managed or reviewed projects and people in Finance, Internal Audit, Competitive Analysis, Marketing, Security, and Planning.

Rob holds an AA in Merchandising, a BS in Business, and an MBA, and he sits on the advisory councils for a variety of technology companies.

Rob’s hobbies include sporting clays, PC modding, science fiction, home automation, and computer gaming.

The opinions expressed in this blog are those of Rob Enderle and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.
