In this month’s Committee Corner, we’re proud to introduce Ken Weeks, Chief Information Security Officer (CISO) for the State of New Hampshire and a dedicated member of the StateRAMP Approvals Committee. With over three decades of experience as a Naval Officer specializing in cryptology and information warfare, and as a former Executive Leader of Cyber Operations at the NSA, Ken brings invaluable expertise to his role on the committee. Since joining StateRAMP, Ken has played a crucial part in supporting the efficient approval of service providers, helping mitigate cybersecurity risks across the nation. In this interview, Ken shares his journey, the benefits of joining a StateRAMP committee, and the rewarding experiences he’s had as part of the cybersecurity community.
____________________________________________________________________________________________________________________
How long have you been involved with StateRAMP?
I think I’m getting close to a year, but I’m having so much fun and time flies that it may actually be a little bit longer…or shorter…
Please provide a quote about your experience so far as a committee member.
As a State CISO, I have a variety of “other duties as assigned” but I volunteered to be part of this committee when Leah asked if I was interested. Serving on the Approvals Committee is my way of supporting the management of cybersecurity risk outside the “borders” of New Hampshire. (Actually, we only have a “border” with Massachusetts and Canada. We have “State Lines” with Vermont and Maine.)
What motivated you to join your respective committee?
As more and more States, Municipalities, Higher Education institutions and K12’s move work to the Cloud for all the right reasons, it is impossible for each organization to do the required due diligence against risk to the delivery of government operations. StateRAMP does that.
What skills and experience do you bring to your committee?
I’m pretty sure I’m the least technically qualified member of the committee but I bring three decades of experience as a cryptologist and information warfare officer and member of the U.S. Intelligence Community to bear. I know bad when I smell it, that is for sure!
What benefits have you seen since joining your committee?
When you join a StateRAMP committee, you immediately expand your professional network and even for a knuckle-dragger like me, you will gain significant knowledge just by being part of the process.
What impact has your committee had on StateRAMP and/or the cybersecurity community?
This one is simple. The mere existence and process of the Approvals committee gets more products through the StateRAMP process in less time. The more efficient we are at this, the less risk we will collectively assume.
What advice would you share with someone interested in joining a committee with StateRAMP?
Just do it now. Contact StateRAMP and express an interest. Your professional network will grow and you will make a nationwide impact. This is IMPORTANT.