On this episode of the Imperva Security Podcast Seth Kulakow - Chief Information Security Officer for the State of Colorado and his deputy Travis Schack are interviewed.  We discuss several issues that are unique to state-level information security as well as several solid, modern approaches to developing an effective security posture. The consolidation of IT security resources such as security, database and application developers, etc under one umbrella, and the need for executive level sponsorship kicks off this discussion. We also talk about the importance of marketing security internally to peers, building security into the business process and outlining key requirements early on in the form of RFPs, contracts and the like to ensure that there is a real partnership between vendors and customers.

Seth Kulakow was selected as the Chief Information Security Officer (CISO) in November 2008. As the CISO, Seth is responsible for the State's Information Assurance and Compliancy programs.

Prior to joining the Governor's Office of Information Technology, Seth was the Information Security Officer for Denver International Airport (DIA), ranked the 4th busiest airport in the nation and the 10th busiest in the world. During his tenure at DIA, Seth created and managed a peer recognized first of its kind (in any US airport) full time security program from its infancy to a best practice repeatable program. The program covered every facet of security from risk analysis and assessment, compliancy, system auditing, penetration testing and forensics, to ingress and egress controls.