THANK YOU FOR SUBSCRIBING
Gov CIO Outlook Weekly Brief
Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Gov CIO Outlook
Michael J. Purcaro, Town Administrator, Town of Vernon Michael J. Purcaro is the Town Administrator and Emergency and Risk Manager for the Town of Vernon, Connecticut, overseeing a midsize municipality with approximately 31,000 residents. With a unique background as a licensed physical therapist and former Chief of Finance and Administration at the Connecticut Department of Public Health, Purcaro brings over 19 years of experience in emergency management. His multifaceted roles include serving as the Emergency and Risk Management Director and contributing to federal disaster response efforts. Purcaro's strategic leadership addresses cybersecurity challenges, emphasizing proactive measures and comprehensive training.
In an interview with Govt CIO Outlook, Michael J. Purcaro shares his valuable insights into emergency preparedness, focusing on cybersecurity and risk management.
Can you give us a brief background about your roles in the organization for which you've been working?
Currently serving as the Town Administrator and Emergency and Risk Manager for the Town of Vernon, Connecticut, I oversee a midsize municipality with approximately 31,000 residents. Situated just east of Hartford, our town offers a diverse blend of rural, suburban, and trail systems, drawing people across New England. Positioned along key transportation corridors and near major research centers and universities, Vernon is a hub for various activities.
My journey to this role is unique and has shaped my approach to emergency management. Originating as a licensed physical therapist specializing in wound care and trauma at Yale New Haven Hospital, I transitioned to state government. Over an 11-year tenure at the Connecticut Department of Public Health, I was the Chief of Finance and Administration, navigating crises such as the anthrax incident, West Nile virus, Eastern Equine Encephalitis, and the aftermath of the 9/11 attacks.
Further, I contributed to the federal government as a National Disaster Medical System administrative officer under the United States Department of Health and Human Services and Homeland Security. My team played a pivotal role in responding to Hurricane Ike in Galveston Island, Texas, shortly after its devastating landfall.
My current focus as a local leader involves cybersecurity, an area of increasing importance in today's interconnected world. However, whether addressing cybersecurity threats or responding to natural disasters, I draw on a solid foundation of emergency management principles honed at the local, state, and federal levels.
“Addressing the preparedness for various emergencies, I believe the foremost threat facing our country, communities, and organizations is cybersecurity and cybercrime.”
One of the noteworthy achievements of the Town of Vernon was its recognition by the CDC during the COVID-19 pandemic. Our innovative approach to vaccination, including a groundbreaking partnership with Uber, garnered international attention. This success led to our town being featured on ABC Nightly News and prompted inquiries from municipalities worldwide seeking to replicate our efficient vaccination program.
Recently, my efforts have been concentrated on enhancing cybersecurity measures within our community. This comprehensive background allows me to contribute a wealth of experience and credibility to emergency management and cybersecurity discussions.
How do you approach risk management, and what strategies do you employ to guide leaders in the field, particularly cybersecurity?
When addressing the preparedness for various emergencies, a common inquiry I often receive, whether in academic or community settings, pertains to identifying the primary threat. Typically, individuals mention concerns such as terrorism and natural disasters like hurricanes or tornadoes. However, from my perspective, and contrary to popular response, the foremost threats facing our country, communities, and organizations are cybersecurity and cybercrime. Locally, in the Town of Vernon, we allocate significant human and financial resources to safeguard the security and integrity of our data systems, especially crucial for entities handling critical infrastructure, financial institutions, and healthcare systems.
Our approach to cybersecurity involves several innovative strategies within a comprehensive and holistic framework. We prioritize the training of employees, combining didactic and practical elements, including exams and simulated scenarios such as mock phishing scams and penetration tests conducted by external consultants. Collaboration is key, extending beyond our municipal departments to include the shared services approach with our public school system, a pioneering initiative in Vernon. Additionally, our robust fiber network enhances data protection.
Quality talent is essential in managing our IT department, and our hiring focuses on individuals with specialized training in cybersecurity, network security, and infrastructure. We have experienced a minor breach, and our systems, designed to be resilient, successfully averted any hostage situation or ransom payment. The financial implications of cybersecurity incidents, even minor violations, are substantial, with costs reaching hundreds of thousands of dollars. Insurance premiums related to cybersecurity incidents can exponentially increase, leading to significant financial burdens for affected entities.
Constant vigilance is crucial in the rapidly evolving landscape of cybersecurity threats. Remaining proactive involves staying informed about the latest threats, investing in continuous training, and learning from experiences, such as mock breaches, to fortify our systems. While cybersecurity is inherently challenging due to its virtual and technologically based nature, the Town of Vernon remains committed to a proactive and adaptive approach to protect against potential threats. The financial impact of cybercrime nationally is staggering, estimated conservatively at $30 billion annually, and highlighting the need for a robust and ongoing commitment to cybersecurity measures.
What is your advice for budding professionals in the field?
Ensuring a robust defense against cybersecurity threats requires a multifaceted strategy. First and foremost, organizations must invest judiciously in quality talent, particularly in their in-house IT department. Recruiting highly qualified individuals with specialized training and experience in cybersecurity and network infrastructure is imperative. Secondly, cybersecurity should be a top priority within the organization's overall emergency plans, acknowledging its critical role in safeguarding data integrity. Lastly, comprehensive training programs are essential for all employees to understand potential threats. This includes various testing methodologies, from phishing tests to penetration tests. As a testament to our commitment, the Town of Vernon is pioneering by planning a large-scale tabletop and full-scale cybersecurity training exercise over the next two years, positioning ourselves as leaders in emergency preparedness and response capabilities within Connecticut.
Read Also
