Pennsylvania CISO Andy Ritter wants to take an outcome-focused approach to securely delivering resident services.
The state appointed Ritter as CISO in February, following a stint as interim CISO that started in October. He has more than 30 years of cybersecurity and IT experience, including nearly nine years of service with Pennsylvania government.
Prior to becoming interim state CISO, he was deputy CISO, enterprise IT security risk manager, and a senior cybersecurity consultant. Before working for the state, he held a variety of cybersecurity roles in the private sector with organizations like 323 Technology Inc. and Bath Fitter.
Across both the public and private sectors, Ritter said, “risk is risk.” The difference, he said, is that in public service, government is responsible for delivering many critical services.
“The scale of the impact is greater here,” Ritter said, noting that residents should be able to access government applications at any time — and to do so securely.
One lesson Ritter learned during his time in the private sector is to stay in front of the threats whenever possible. A lot of…
