Chief Risk Officer, North Carolina
With a precipitous rise in ransomware attacks against North Carolina governments last year, state Chief Risk Officer Maria Thompson has helped shore up communities’ defenses with a focus on statewide coordination and investment in new tech.
Thompson, who spent over 20 years in the U.S. Marine Corps and was in one of the first waves in the corps to get cybersecurity training, has also enjoyed success in both the private and now public sectors — a fact she attributes to her focus on leadership and strategic thinking.
Her efforts to create a cyber-security response team composed of diverse state entities like the National Guard and Emergency Management staff is one of her biggest triumphs at the state level. Formed last year, the group exemplifies a “whole of state approach,” she said, and is the state’s biggest protective apparatus against cyberattacks, functioning both responsively and preventively
In her 20 years in the @USMC, Maria Thompson was among the first in the corps to get cybersecurity training, and she now ensures that @NCDIT is ready to combat evolving digital threats #govtech @ncriskofficer
“Wherever I’ve been — and I’ve been in the [Department of Defense] as a contractor, worked in cybersecurity in federal organizations, and now am in state — the threats and the risks are similar,” she said. “We have made strides in North Carolina in terms of building relationships and shifting our frameworks to be more adaptable in how we assess our environments for security.”
With still more work to do, Thompson has ensured that the Department of Information Technology invests in new technologies to combat growing threats. Those include automated monitoring — an AI-powered software that surveils networks and systems to catch potential intrusions. This automation lets staff focus on more complicated security tasks, she said, helping make state organizations smarter and more effective.
“Getting a good selection of capabilities that are able to give you visibility into your landscape [is important]. You can’t protect what you can’t see,” she said. “I’m not saying we’re perfect at that and there’s always room for improvement, but we’re always getting better.”