How Colorado's CISO is revamping the state's information security - on a $6,000 budget

Before Jonathan Trull took over as Chief Information Security Office for the state of Colorado in 2012, he had already been working in the Colorado Office of the State Auditor for a decade. As the Deputy State Auditor, he was responsible for overseeing annual audits of the state's systems.

It was during that time that Trull said he became concerned with what he observed as repeated mistakes and violations that were not addressed, and even took part in a penetration test on state systems with results he says were "horrifying." Trull recently spoke with CSO about his new role, and how he hopes to create effective change in Colorado's security infrastructure--even on a miniscule budget.