About Me

Name: Michael Pruett, CISSP

Occupation: Director of Cybersecurity, State of Alabama

Biography: O.k., so don’t laugh too hard but we really do have computers and the internet down here in Alabama. I currently serve as the Director of Cybersecurity for the State of Alabama. I report directly to the State Chief Information Security Officer and have the honor of working with some very knowledgeable and dedicated employees to help progress the state through the maturity process. My vision in what I do has always been to promote security awareness to everyone I can reach while at the same time protecting the resources of the organization I work for.

I have been in my current role since December of 2016. Below is an exerpt from my LinkedIn page that discusses my responsibilities for the State of Alabama:

The Director of Cybersecurity role requires me to lead a team of IT Security professionals towards achieving the goal of securing the state’s network while also promoting security awareness. This position requires the following level of support from myself as well as my team.

• Fostering an environment of growth and education in cybersecurity
• Public speaking engagements to discuss security awareness and cybersecurity needs in the community
• Development and Deployment of State of Alabama Security Operations Center (SOC)
• Tier 3 Support and Engineering
• Customer Relationship Management
• Review and Design of System Development Lifecycles
• Baseline Configuration and Deployment for State Infrastructure
• Secure Enterprise Network design, implementation and management (perimeter to end user)
• Deployment and management of Layer 7 capable network security devices
• Deployment of multi-factor authentication solutions
• Best practice and security standardization analysis against industry baselines (NIST USGCB, DISA STIG, NSA / CIS Benchmarks)
• Evaluating operational inefficiencies and security deficiencies within organizations
• Guiding and advising statewide centralization projects
• Bolstering the communication flow and sharing of information and statistics between state entities
• Technical analysis of security policy and procedures
• Business Development and Growth
• Disaster Recovery and Business Continuity
• Vulnerability Assessment and Mitigation