Danny Miller – Texas A&M University System/Texas Division of Emergency Management

COVID-19 threatens more than one’s physical health. There’s also a virtual risk from opportunistic online viruses—some of which seem tailor-made to exploit the current crisis.

So says Texas A&M CISO Danny Miller, whose responsibilities have covered the 11-school Texas A&M University System and eight state agencies since 2014. In 2019 he added another title to his resume (albeit in an interim capacity): Director of the Texas Division of Emergency Management. The latter having evolved from post-World War II civil defense programs, it now advises and helps state and local governments respond to anything from hurricanes to hackers.

A year ago, Miller and his team at TDEM had a strong hand in mitigating a ransomware attack on 23 of the Lone Star State’s counties but warns there’s even more reason today to keep up one’s cyber guard.

“The hackers know now that more people are working at home and often not protected by the firewalls of their corporate entities,” the affable Miller tells Toggle in late summer. “Home PCs don’t have the same level of protection of an industrial-strength malware protector, and so many people are being spear-phished.”

Leveling with ransomware

At last count, Miller knew of over new 73,000 phishing sites that have mushroomed in the pandemic’s wake, netting sensitive personal data from those unlucky enough to click the links. In his dual roles, he’s implementing new policies and protocols that include a security operations center—or SOC—at Texas A&M while his TDEM team serves as the first responder for any large-scale cyber incident. They had to contend with that in the summer of 2019 with Gov. Greg Abbott ordering a Level 3 Escalated response.

The affected counties included cities and towns and all their departments, as well as some military bases, with the source being a vendor to the public sector.

But whereas most ransomware attacks last a month, this one was brought under control in just 10 days, with what Miller hopes is a significant disincentive for the still-unidentified hacker to try again.

“A lesson we drove home on that incident and others is that we would not pay ransom,” he firmly states. “We’ve seen other public entities hit by ransomware, and when they pay word gets around the hacker community and they’ll get hacked again.”

Miller is also encouraged by the prospects of the Texas Legislature passing a no-ransom-to-ransomware bill next year, but still advises municipalities to be more proactive in safeguarding their data.

Among other measures, he says the 2019 hacking should demonstrate the importance of air gapping computer systems, which separates secure and unsecure networks. Too many municipalities have yet to update their systems, Miller says, believing cybersecurity to be a cost (and a big one) rather than an investment. That, or they simply lack the monies to match the more sophisticated defenses of the private sector.

At any rate, Miller hopes that the farsighted approach of Texas A&M will give the so-called white hats some leverage in this ongoing cybersecurity war.

Security in SOC

That aforementioned SOC provides nearly 24/7 monitoring of the university system’s data centers at 11 schools and eight state agencies. Similar services are afforded to some municipalities and utilities, sparing them from outsourcing their network monitoring to a private company—and saving them money in the process.

“We’re not looking for a big profit,” Miller assures. “Basically we’re just covering our costs and overhead and making enough so we can keep growing.”

Along with grooming the next generation of infotech talent.

The SOC enables paid internships, connecting capable students with federal agencies and large companies, many of which are either headquartered or have large satellites in Texas. Next year, the RELLIS campus—a long-ago Army airfield in Brazos County—will launch an alternative program for students wanting to further their IT credentials without undergoing the traditional four-year college commitment.

Eighteen months of intense, hands-on instruction should prepare them to pursue the necessary certification to become CISOs and other high-demand positions. Texas A&M will also commence with a degree program in cybersecurity, a subject that Miller thinks would benefit anybody, regardless of academic interest.

That subject, after all, has done much to further Miller’s career. Though it was one he had to learn post-grad—cybersecurity not even being a household word while he was majoring in computer science and mathematics at Lamar University during the early and mid-1980s.

A lifelong learner

Back then, engineering seemed the most logical career path, with Miller seeing his studies as preparation for such Texas industries as energy exploration, refining, and chemical exploration. Interestingly enough, he spent several years in banking before shifting to petrochemicals.

Along the way, Miller enhanced his credentials by beginning an MBA at St. Edward’s University in 2011 and recently enrolled in an online cybersecurity master’s program with the Georgia Institute of Technology. Prior to coming to the university system, he oversaw cybersecurity and privacy practices for the Grant Thornton International accounting firm.

It’s a satisfying dual role, Miller says of his responsibilities at the Texas A&M University System and TDEM. He describes how his work has been as much about people skills as technological savvy—the need for consensus and collaboration essential in any campus or public enterprise. IT being an evolving profession, his off-hours are often spent poring over online publications and info-sharing platforms.

“You can never know too much about this subject,” he reminds.

And best not to stand still—something Miller says the university system won’t be accused of doing.

“We haven’t been waiting to hear from a higher power agency to figure out what the next steps should look like,” he says. “We have been taking steps to implement protocols that now are recommended by state agencies. We’ve set a great precedent.”