Kojima is responsible for IT security, risk management
Ken Kojima, the agency information security officer (AISO) for CDCR, was highlighted in Techwire in October 2021.
Kojima has been with CDCR for a dozen years and an information security leader since 2019. He began his CDCR career in 2008 as an information systems analyst.
Kojima has a Bachelor of Science in Electrical Engineering from the University of California, Davis.
His professional education also includes:
- study of advanced network forensics and analysis at the SANS Institute
- master certificate in information security from Villanova University
- certificate in Leadership for the Government Supervisor from California State University, Sacramento.
“My career path allowed me to experience many different areas within the information security field,” he said. Some of those areas include policy writing and auditing in addition to cyber operations and threat hunting.
With increased technological capabilities come increased security risks.
“The basic concepts of protecting the confidentiality, integrity and availability of paper-based information still apply to cyber and information security. But, the complexities of the risk mitigation options have increased exponentially, aligning with the technology boom over the last 20-plus years,” Kojima explained.
As a member of the IT executive cabinet, Kojima consults on CDCR’s strategic plan for information and cyber risks.
“I am directly responsible for the strategic approach to IT security operations and technology risk management,” he said.
Trends include tech-based rehabilitation, staff telework
“Emphasis on remote and teleworking service resiliency will be one of the top goals for CDCR. The COVID-19 pandemic forced CDCR and other state executives and organizations to shift IT service delivery,” Kojima said. “CDCR (is) expanding court-mandated video surveillance (while also) expanding technology-based rehabilitative services for our incarcerated and supervised populations.”
Moving from paper to digital has been an ongoing process but with the pandemic, the move became necessary.
According to Kojima, paper documents are more difficult to maintain, create more work, and aren’t easy to inventory and track.
Transitioning from paper to digital
Digital transformation generally includes:
- removing reliance on paper documents
- adapting manual processes to more efficient technology platforms
- finding ways to innovate using current technologies.
“More specifically to information security, I would use the acronym SOAR (Security Orchestration, Automation and Remediation) to define digital transformation. CDCR has been on the digital transformation path for several years even prior to my arrival,” he said. “There will always be new technologies or platforms to be leveraged to improve services delivered to incarcerated individuals and employees. It is our responsibility as technology leaders to find ways to augment and innovate services we provide to the state.”
Kojima takes pride in the work done by his unit. He points to “building the CDCR Security Intelligence and Operations Center that focuses on security monitoring and incident response capabilities.”
He credits his predecessor and current state Chief Information Security Officer (CISO) Vitaliy Panych with implementing the unit’s vision.
“I was lucky enough to be in the right situation to have the opportunity to build the foundation. We created better operational visibility for the IT organization and matured our security culture. (CDCR) increased our human capital by hiring security-minded engineers and analysts,” Kojima said. “The culmination of these efforts has increased our overall security resiliency while acknowledging there is still work to do.”
During his off-duty time, Kojima unwinds by reading science and technology articles and watching streaming channels with his family. He said he occasionally goes camping and also enjoys discovering and sharing new music.
Read the full story on Techwire.