Oakland County’s Chief Information Security Officer Chris Burrows received national recognition for making a difference in cybersecurity. He was among a handful of 2016 “Difference Makers” whom the SANS Institute honored at its Defense Initiative Training Event in Washington D.C. The Difference Makers award “celebrates those individuals whose innovation, skill and hard work have resulted in real increases in information security.”
“This is a banner year for Chris,” Oakland County Executive L. Brooks Patterson said. “Back in October, the Michigan Government Management Information Sciences (MI-GMIS) organization named him Michigan’s IT Professional of the Year. Now, he is among a dozen individuals recognized nationally for advancing information security. We are proud to have him as a member of our team.”
The SANS Institute said in a press release that “Burrows drove improvements in basic security hygiene, including elimination of unneeded administrative privileges and resolving all critical vulnerabilities within 48 hours. In addition to his CISO duties, he volunteers as a Team Leader in the Michigan Cyber Civilian Corps, which is a group of experienced cybersecurity experts who individually volunteer to provide assistance to the state of Michigan in times of emergency. Burrows has CISSP and GICSP certification and has served on international IT Security Standard Boards.”
“It is gratifying to have our hard work recognized both on a state and national level in the same year,” Burrows said. “But this award is the result of a lot of initiative and innovation by our IT Department team.”
Burrows joined Oakland County in 2013 bringing more than a quarter century of experience from the private sector including in risk management, information security, and IT operations. In a few short years, he has created Oakland County’s first IT risk and security program. Plus, he helped implement CySAFE, a free IT risk assessment tool Oakland County makes available to other governments and businesses in the cloud. CySAFE has been downloaded in all 50 states.
Burrows also has provided leadership and guidance as a security advocate for other Michigan counties seeking to build or enhance their IT security including Washtenaw, Wayne, Macomb, Livingston and Monroe. He is working with local universities including Oakland University and Walsh College to help them identify relevant content for their cyber security programs. In addition, he is creating his own course called “Current Issues in Cyber Security” which he will begin teaching at Walsh College.
“Chris’s leadership in the IT Department has transformed the way we think about cyber security,” said Deputy County Executive and CIO Phil Bertolini. “Not only is he having an impact on Oakland County, but he is also sharing his insight and best practices around the region.”
Burrows, 45, lives in Commerce Township with his wife Heather and two children. He holds a MBA from Lawrence Technological University, BSBA from Central Michigan University, along with numerous technical certifications including a CISSP (Certified Information System Security Professional).
About SANS Institute
The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 50 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates employee qualifications via 30 hands-on, technical certifications in information security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master’s degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet’s early warning system–the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community. (http://www.sans.org)