Plaques awarded to the 2024 Cyber Champions
June 4, 2024

New York State Recognizes 2024 Cybersecurity Champion Award Winners at the 26th Annual Cybersecurity Conference 

New York State Recognizes 2024 Cybersecurity Champion Award Winners at the 26th Annual Cybersecurity Conference 

The New York State Office of Information Technology Services (ITS) today announced the recognition of 19 state employees as State Cybersecurity Champions for their significant contributions to support and enhance cybersecurity across New York State. The winners were honored at the 26th Annual New York State Cybersecurity Conference on June 4.  

"Our Cybersecurity Champion Award winners go above and beyond their day-to-day responsibilities to help protect our state and keep our information safe from cyberattacks,” said New York State Chief Information Officer Dru Rai. "To be a leader in the field of cybersecurity, New York State requires the talent and expertise exemplified by this diverse group of New York State employees. We thank them for their commitment to this important work."  

"New Yorkers can be confident that New York State’s systems and data are more secure than ever thanks to the efforts of these New York State Cybersecurity Champion Award winners," said ITS Chief Information Security Officer Chris DeSain. "Their efforts, bolster our cyber security posture in New York. We congratulate and thank them for their skill and dedication!"  

Congratulations to the following 2024 New York State Cybersecurity Champions: 

Divya Chilupuri

Divya joined the ITS Program Management Office in February 2023. Since her initial assignment to manage the Cyber Risk Remediation Program, or CRRP, she has become an invaluable asset to both the PMO and Chief Information Security Office Program Sponsor. 

When executive management was looking for a holistic, visual way to view the program’s progress, Divya developed a semi-automated, easy to use, one-page dashboard, which is now the cover page for the program. 

Last fiscal year she led the team to complete remediation of over 1K EOL servers and close to 2K network devices, implemented MFA to around 45 applications, refreshed 35K end user Windows PCs, and remediated all county and WCB kiosks.

Although phase 2 of the program, to be completed this fiscal year, is nearly double the size of first phase, Divya takes it in stride, reallocating work properly and clearly guiding the four PMs who report to her, along with other assigned PMs and technical leads who are focused on specific parts of the effort. Divya is passionate and dedicated to her important work in reducing cyber risk for ITS and NYS! 

Christine Carpenter

Since taking on the role of agency Cyber Risk Coordinator, Christine has taken a noticeable increased interest in information security. Her increased involvement in the CISO security review process has led to the implementation of security controls and the reduction in risk findings. Her involvement in the incident response (IR) process had led to better IR communications between the Commission and ITS. Her overall increased interest and advocacy of information security and participation with CISO has been a benefit to the NYS Gaming Commission, to ITS, and to New York State. 

NYS ITS CISO Red Team

Mark Bilanski, Jeff Schaeffer, Jared Hoffman, Nick Castaldi, Daniel Leo, Scott White, Greg Gerling, John Griffin 

Having found, identified, and exploited numerous vulnerabilities ranging from simple cross site scripting to severe issues like directory traversal or remote code execution, the ITS Red Team never ceases to impress. By providing thorough, concise, and descriptive reports to Information Security Analysts, the Red Team ensures remediation can be prioritized and performed by vendors and agencies. The in-depth findings and continual training help to assist other teams within the Cyber Command Center, keeping them informed of the current tactics and techniques that attackers may use against our infrastructure. These efforts have led to significant improvements in many areas and has helped to better protect the data of the residents of New York State.  

NYSOC Shift Leaders 

Ben McFarland, Joel Butler, Arbina Camaj, Shawn Fodor, Stephen Addison 

The New York State Security Operations Center Shift Leaders, or the “Hive Mind” as they have come to be known, have each exhibited exceptional leadership in the establishment and management of NYSOC program. Each of the shift leaders has shown a level of dedication and a willingness to contribute wherever they can to help grow the NYSOC since its inception. These shift leaders all have their own diverse backgrounds and unique areas of expertise, but the common trait among them all is an ability to connect with their teams to share their knowledge, provide support and guidance, and to do it all with an open and welcoming demeanor.  

NYS ITS CTO VPN Team

Thomas Nolan, Tammy Mischitelli, Matthew Cavanaugh 

In a year marked by heightened vulnerabilities across various technologies, the resilience and proactive measures taken by the VPN team, under the leadership of Thomas Nolan, and his team Tammy Mischitelli, and Matthew Cavanaugh, in safeguarding our VPN infrastructure have been exemplary. Their unwavering commitment has ensured uninterrupted access for approximately 120,000 users, crucially supporting New York State operations and serving its residents.