Maria Thompson Leads a New Era of Cybersecurity in NC

Thursday, July 21, 2016

North Carolina’s Chief Risk Officer Maria Thompson came to the new position in 2015 as part of the state’s efforts to bring information risk management capabilities in line with industry standards. Learn more about Maria’s background, experience and her role and vision for the One IT transition in her own words below:

“I was born in Ohio, but I was raised in Jamaica until I was 17 years old. I then joined the military. After 20 years in the Marine Corps, I retired as a Master Gunnery Sergeant and Information Assurance Chief for the Marine Corps, where I served as the senior enlisted cybersecurity advisor to the Chief Information Officer and the Senior Agency Information Assurance Officer.  

 Upon retirement, I worked as the Iraq Theater of Operations Certifying Authority primarily responsible for the certification and accreditation of all systems entering and connecting to the Multi National Forces Iraq network. I also held the roles of the Senior Security Engineer and Security Lead for the Environmental Protection Agency’s Security Operations Center.

 Now, I spend most of my free time with my daughter, and I sneak in a trip to the gym when my schedule allows.

Before coming to DIT, I was fortunate to have been exposed to a variety of operational environments, which broadened my understanding of operations from small unit to enterprise IT. In each role, I learned that there is always a need to gain an understanding of the business aspects as well as the people affected. In the Marine Corps, the lowest ranking person can provide benefit and add to any discussion or mission and their insights should never be discounted.

I also learned in my years in the military that clear communication is essential.  If we do not maintain effective communication as leaders, we run the risk of encountering “Fog of War.” This term means that if top-down communication fails, chaos can ensue, poor decisions are made and critical operations fail.

These experiences have provided very important lessons for us as a One IT Transition Leadership Team as we embark on this transition. In my current role, I am tasked to mold, manage and lead the Cybersecurity and privacy migration to DIT. This process will require development of future cybersecurity operating environment encompassing people, equipment and processes.

This transition is critical to the success of security within the State. We cannot continue to operate in “silos of excellence” and expect that our adversaries will not attempt to capitalize on our gaps. We need to focus on cybersecurity as a single, fluid entity. 

We also need to reduce duplicative spending and maximize our capabilities within the State.  Cyber professionals are a critical component to the success of any security operation. With the current high demand for security professionals, it is important that we are able to offer them a career path that will nurture and transform our people, allowing us to increase our cyber maturity level and posture.

I look forward to a future-state, fully transitioned DIT where we are able to increase our cyber security maturity level statewide. This will ensure that we are able to effectively reduce risks to State’s data and obtain and maintain an acceptable level of compliance across the board.”

Do you have questions for Maria? She is available at