(Video) Meet a Member: Peter Higgins, Director, InfoSec Risk Management, Tyler Technologies
If you’re not in government IT, particularly state and local government, you may not have heard of Tyler Technologies, but it’s the largest software company in the nation solely focused on providing integrated software and technology services to the public sector. The company offers a huge range of software as a service applications from managing court records, to parking ticket collection, to utility billing, to property tax assessments – “We are very much aware of our involvement in the fabric that it takes to keep this country operating,” said Peter Higgins, InfoSec Risk Management Director. “We keep the lights on.”
We caught up with Peter just after FAIR training at FAIRCON19, where he said he was picking up strategies “to be able to come back and explain [a risk-based program] to the business executives… But I think it’s clear that we’ve gotten little to no resistance, it’s just a matter of getting the message right.”
Learn more in this video interview or read the transcript below.
TRANSCRIPT
Q: What’s the appeal of FAIR for you?
A: I came across the FAIR model studying for the ISACA CRISC and it clicked. What it got for me was the common taxonomy, and just the quantitative approach. For me, it harkened back to my graduate work, when I got a masters and we talked about quantitative decision making.
I’ve yet to use it, so this is a great opportunity for me to leverage that.
Q: What’s your impression of the conference and the people who are here.
A: Like-minded souls, want to solve a problem. What I get most out of it is the community. I think that’s going to be really important to solve those problems. It’s not a technical problem, it’s a people problem. I want to help with that.
Q: What’s your experience so far with adoption?
A: I reached out to the FAIR Institute in February. I realized that you guys were about ready to take off in growth. We did a three and a half-day POC last week [with FAIR Technical Advisor, RiskLens], did the two-day analyst training two days ago, and I’m here for this. What I need to do is be able to come back and explain it to the business executives because we are in budget cycle right now, so I’ve got to defend the budget. But I think it’s clear that we’ve gotten little to no resistance, it’s just a matter of getting the message right. Coming here is going to help me get the message through and cross that bridge.
Q: Why do you think they’re going to be receptive to FAIR?
A: As a company we have experienced exponential growth. We’re the largest company in the country that does software as a service for the public sector. So, when we start talking about critical infrastructure, that’s our market. We deal with all the public entities that support our community. As a company, we’ve peaked market cap so now we’re a large enterprise, so we are much more of a target, so we have to do a better job to defend our product and our customers because we are part of the critical infrastructure.
Q: What are your principal challenges – loss of data or loss of availability or both?
A: Our customer base is about 60% on premise, 40% hosted, and we go anywhere from a three-person bookkeeping shop on a small town on the coast of Maine to the entire state of Texas judicial system and everything in between. So, we are very much aware of our involvement in the fabric that it takes to keep this country operating. We keep the lights on. We see ourselves as a critical part of that. And I think FAIR is going to help us be even more successful doing that.
Related:
(Video) Meet a Member: Annie Lavoie, Director, IT Risk Management, BDC
