Solutions Spotlight
Upcoming Events
Related News

Rising expectations bring mounting challenges
The public’s exponentially rising expectation of easy online access — fueled by unprecedented levels of convenience and expediency from smartphones, tablets, and laptops — comes with a major downside: never-before-seen levels of exposure to cyber criminals.
Bridging the gap between delivering the services people expect and operating in a totally secure mode is challenging. The breadth and sensitivity of information held by state and local government organizations — frequently including financial, medical and even criminal records — represents a very prized target for would-be hackers.
Cyber attacks are becoming more pervasive all the time. Announcements of high-profile data breaches are an almost daily occurrence.
Keeping safe
Staying ahead is of paramount importance for everybody entrusted with protecting data. However, it has become clear that traditional protection measures, like firewalls, intrusion prevention systems (IPS) and anti-virus (AV) software are not doing enough to protect organizations from the new generation of continually more sophisticated threats.
Maricopa County chief information security officer (CISO), Michael Echols, commented, “It’s really important to understand the characteristics and effectiveness of the security measures that you have in place. We have a multi-tiered approach and implement the best identification technologies available, but we also supplement this with a predefined mitigation strategy so that we know exactly how to handle anything that requires immediate attention.”
The county uses FireEye solutions to provide signature-less, real-time protection of its online assets. FireEye is a premier member of NACo.
Sharing the knowledge
Cyber security is obviously not just an issue for the county’s CISO. Echols noted, “We put a lot of energy into educating the community; the challenges we face are the same ones they are going to be facing at home. We feel a responsibility to share the best practices that will help our citizens to be safe online. We try to present a realistic view of the threats, as well showing what steps can be taken to minimize the dangers.”
For Echols it all comes down to being prepared. He summarized, “It’s really a numbers game: I’ve got to be right every time but the attacker only has to be right just once. We have implemented the very best defenses but are equally well-prepared for the remote possibility of a breach.”
(Echols is the chief information security officer (CISO) for Maricopa County, Ariz.— the fourth largest county in the United States. Prior to his appointment, he was a security consultant to multiple Fortune 500 companies. He is a published author and a sought-after speaker at national events, presenting on a wide range of information security-related topics.)
Attachments
Related News

County Countdown – June 30, 2025
Every other week, NACo's County Countdown reviews top federal policy advocacy items with an eye towards counties and the intergovernmental partnership. This week features the Senate reconciliation debate, transparency on sanctuary designations and more.

U.S. Department of the Interior announces PILT funding of $644.8 million to be distributed to counties
On June 24, the U.S. Department of the Interior (DOI) announced that over 1,900 state and local governments nationwide will receive $644.8 million in Payments in Lieu of Taxes program (PILT) funding for 2025. A complete list of funding by state and county is available here. You can also check NACo’s County Explorer for detailed county-by-county information on 2024 PILT funding levels.

DHS releases list identifying sanctuary jurisdictions; includes nearly 400 counties
NACo, along with the National League of Cities, and the International Municipal Lawyers Association, requested additional clarification on the methodology used to create the list, and noted concerns around the legal challenges that localities face when complying with ICE detainers. As of this time, NACo has yet to hear of a county receiving a formal notification that they were included on the list.