Maricopa County Customer Story
Data diversity attracts unwanted attention
Michael Echols, chief information security officer for Maricopa County, observed, “The diversity of data we handle requires us to comply with a wide range of federal and industry regulations, including HIPAA, PCI, CJIS, and NIST-related mandates. With web- and email-based attacks representing such a significant source of potential risk, we created a strategy specifically to identify, manage, and mitigate cyber threats.”
Free citizenry needs information privacy
It is challenging to deliver the services people expect and operate in a totally secure mode. State and local government organizations hold a broad range of sensitive information, including financial, medical, and even criminal records. This information represents a prized target for would-be hackers. And the public is always expecting more from the public sector: Daily use of smart phones, tablets, social media, and the web has conditioned users to expect unprecedented levels of convenience and expediency.
Maricopa County Fast Facts
- Industry: State and Local Government
- Fourth largest county in the United States
- Employs 14,660 staff
- Covers 9,221 square miles
- Has 4 out of the 10 fastest growing cities in the U.S.
Partners in protection
Stevens has been very vocal about controlling costs, making smart investments, and building agile teams, with an emphasis on the CIO-CISO partnership. He commented, “I really think that CIOs need to become a lot more like CISOs to understand the unique demands of the role, and CISOs should become more aware of CIO challenges. When those are blended well we have a great opportunity to protect citizens’ data in a much more meaningful way.”
The threat of cyber attacks requires a very disciplined and well-reasoned approach. Selecting partners with a proven commitment to deliver the highly effective cyber security is a key component of a multi-tiered, defense-in-depth strategy.
Partners in protection
Echols reflected, “We defined an approach around understanding the data; understanding what tools and controls we needed to implement to monitor that data; and creating identification, containment, and mitigation strategies to pre-empt any potential threats.”
Echols and his team performed an extensive analysis of solutions that would fulfill his requirements. A critical component of the selected solution was FireEye Email Security.
Extracting threat-related information was only one piece of the puzzle. The FireEye Central Management was selected to process the potentially massive volume of data from across the entire infrastructure and to consolidate and prioritize alerts.
More recently, the County added to its layered defense architecture with the integration of a FireEye Threat Analytics Platform (TAP) into its diverse environment. The platform utilizes threat intelligence, expert rules and advanced security data analytics to interrogate complex event data streams. Echols commented, “The Threat Analytics Platform will allow us to prioritize and focus our response efforts on the alerts that really matter to the County.
Maricopa County realized they could no longer secure data with one-off activities, such as firewalls or anti-virus software. Cyber threats required constant vigilance, and to combat them successfully, they chose FireEye as their solution provider—to continually innovate and keep their public safe.
"I knew about FireEye before we started our research but wasn’t aware it had the technologies that could deliver exactly what we needed. Our concept and the FireEye model were an excellent match.”
- Michael Echols, Chief Information Security Officer for Maricopa County