What started as computer security, morphed into information security, and is now being called “information assurance.” This includes the managing of all risks...
Author - Rafael C. Diaz
Currently, Rafael is Chief Information Security Officer for the State of Illinois at the Department of Central Management Services (CMS). During his tenure as CISO, the State implemented the first state-wide security strategy - “Secure Illinois.” One component included the rollout of a state-wide security policy program. A consequence of this program was the development of a comprehensive Risk Management Framework for state IT operations. Another component of the strategy is the building of a comprehensive operational controls framework – “Cyber Security Maturity Assessment Model” – that includes NIST, PCI, HIPAA, and other regulatory principles. In an effort to coalesce the security requirements of the various disparate agencies in the State, we formed the State-wide Security Consortium (SWSC). This body works to shape policy, define operational controls, improve data security, and enhance cyber security awareness.
As CISO, Rafael has led the planning teams that participated in two Cyber Storm National Exercises – CSII and CSIII. These critical efforts allowed Illinois to exercise its communications and information sharing procedures with various levels of emergency management, law enforcement and information technology organizations across the country to ensure a coordinated and thorough response for the future.
Rafael came to CMS to assume the role of Enterprise Business Applications and Services Executive. After seven months, he was promoted to Chief Information Officer for CMS and continued the IT consolidation and rationalization efforts. Formerly the Chief Information Officer for the Department of Human Services, he ushered in an integration effort for social services management – across all social services agencies in Illinois.
Rafael served for seven years in professional and managerial positions at Accenture formerly known as Andersen Consulting. His professional career began with the Chicago Police Department as a forensic scientist.