Sorady, CISO since 2019, served New York in various important roles such as Acting Deputy CISO, Director of Security Strategic Planning & Program Management, and Director of the NYS Cyber Command Center
Friday, December 17, 2021
Karen Sorady, New York State's Chief Information Security Officer (CISO), is retiring from her post, finishing out an extraordinary 32-year career with the state, the New York State Office of Information Technology Services (ITS) announced.
"After a long and rewarding career in public service, it's time for a change," Sorady said.
Until a replacement is named, the ITS CISO team will continue their ongoing work to improve the overall security posture of government networks to better defend against the ever-growing cyberthreat landscape.
"I thank Karen and her entire team for their extraordinary work and for making cybersecurity a priority throughout New York," said New York State Chief Information Officer Angelo 'Tony' Riddick. "It is more important than ever that we are prepared for and can quickly respond to today's ever-growing and ever-evolving cyber challenges, and we are confident the next NYS CISO will build upon Karen's tireless efforts, and take NYS to the next level in cybersecurity. We will continue to do all we can to enhance protection and mitigate risk. The first step is getting the word out and ensuring that state and local governments, and other entities throughout the state, have the tools they need to protect themselves."
Sorady's career spanned more than 32 years, and included a number of roles in which she enhanced security measures and protected the NYS network from outside threats. Most recently, she helped ensure that tens of thousands of state workers could work remotely in a safe and secure environment during the COVID-19 pandemic so that state agencies could continue to provide uninterrupted services to New Yorkers in need.
Fifteen years of Sorady's career were spent in NY's central cyber office (Office of Cyber Security and Critical Infrastructure Coordination/Division of Homeland Security and Emergency Services' Office of Cyber Security/Office of Information Technology Services). She became seasoned in strategic planning, policy development, risk management, cybersecurity awareness, strategic partnerships, security operations and incident response.
Sorady holds certifications as an Information Systems Security Professional (CISSP) and in Strategic Planning, Policy & Leadership (GSTRT) as well as Risk & Information Security Controls (CRISC). She earned a Master of Business Administration (MBA) from the University at Albany and a bachelor's degree in Psychology from the State University of New York (SUNY) at Oneonta.
"It's certainly been a challenge," said Sorady. "There's been a lot going on. Not just the pandemic but also the huge increases in cyberthreats and a changing landscape I will miss my colleagues and the people I was fortunate to work with the most."
Sorady reflected on how ITS has made significant strides in cybersecurity vigilance, along with the other agencies it services across state and local governments. Along with adapting to the rapid digitization of public services at the start of the COVID-19 pandemic last year, Sorady said her team had accelerated the pace at which it evaluates the security of the many technologies New York employs, which in turn sparked a culture shift.
"I am proud that we helped agencies understand why the Chief Information Security Office exists, and the value of a proactive cybersecurity defense," she said.
Sorady said there's been an increase in collaboration and communication between the information security officers in her office at ITS and the individual state agencies cyber risk coordinators who stay in regular communication with their departmental leaders. "We've trained them to have regular touchpoints with business partners in their agencies, how to help them understand what we're trying to do by explaining the impact it has on their business. It's about having open lines of communications and being honest and collaborating," she said.
Sorady was named acting CISO in October 2019, and promoted to the role on a full-time basis a few months later.
The New York State Office of Information Technology Services (ITS) was created in 2012 to transform IT services in an effort to make New York State government work smarter for its citizens and enable the state to be accessible for businesses through the use of technology. ITS provides statewide IT strategic direction, directs IT policy and delivers centralized IT products and services that support the mission of the State. ITS operates data centers 24 hours a day, 365 days a year to support statewide mission-critical applications for over 50 Agencies, over 17 million citizen accounts, 120,000 employee accounts, 60,000 phones, 99,000 desktops and laptops, and 3,433 Virtual Desktop remote connections. ITS operates a secure network of over 1,600 miles of fiber to deliver telecommunications, Internet and Intranet services, enterprise email systems and support, IT training, networking, data storage and processing to State government entities in addition to developing new services in support of citizens, businesses and State Agencies.
For more information, visit https://its.ny.gov and follow us on Twitter @nysits.
Contact Information: Alicia Biggs [email protected]