In this month’s Committee Corner, we’re proud to introduce Mase Izadjoo, Chief Information Security Officer at Earthling Security and a valued member of the StateRAMP Approvals Committee. With over 25 years of experience in cybersecurity, including roles as Director of FedRAMP & Assurance Services at Coalfire and Information Security Manager at Exeter Government Services, Mase brings a wealth of knowledge to the committee. His expertise in 3PAO assessments, FedRAMP compliance, and vulnerability management has been instrumental in advancing StateRAMP’s mission to improve cybersecurity standards. In this interview, Mase shares insights into his professional journey, the advantages of participating in a StateRAMP committee, and his experiences within the cybersecurity community.
____________________________________________________________________________________________________________________
How long have you been involved with StateRAMP?
I’ve been involved with StateRAMP since its beginning, watching it grow from an idea into a vital platform for improving cybersecurity in state and local governments. It’s been rewarding to contribute to its mission and see its impact evolve over time. One of the challenges StateRAMP initially faced was getting buy-in from various stakeholders, including government agencies and cloud service providers, who were hesitant to adopt new standards. Additionally, establishing a comprehensive framework that could adapt to the diverse needs of different states required significant coordination and collaboration. Overcoming these hurdles was crucial to building trust and demonstrating the value of enhanced cybersecurity protocols.
Please provide a quote about your experience so far as a committee member.
“Being part of the StateRAMP mission has been truly exciting and rewarding. I have watched the program mature into something robust that will help drive security at the state and local government levels.”
What skills and experience do you bring to your committee?
With over 25 years’ experience as a cybersecurity professional and former government contractor, I bring a deep understanding of the challenges and opportunities in this space. My background includes working at NIST’s National Vulnerability Database (NVD), where my team played a key role in scoring critical vulnerabilities like Heartbleed and Shellshock CVEs. Additionally, as the CISO at Earthling Security for the past three years, I’ve led efforts to help companies navigate the complexities of 3PAO assessments and FedRAMP compliance. This experience has given me unique insights into vulnerability management and the importance of establishing strong cybersecurity frameworks, all of which I now apply in my work with StateRAMP.