ICMA's Voices in Local Government podcast recently welcomed Parham Eftekhari, executive director of the Cybersecurity Collaborative, and Hemant Desai, chief information officer of ICMA, to give an overview of cybersecurity in local government.
Best practices, prioritization, training a reluctant staff, improving the manager-chief technology officer relationship, justifying better resources, and measurable goals were the primary areas covered in this initial cyber-themed episode. To help managers and staff relate to their techie colleagues, here is a cheat sheet defining cyber buzzwords and technology executive titles.
An upcoming second cyber podcast will feature chief information security officer for the state of Texas, Nancy Rainosek, and former chief security officer of the state of Michigan, Dan Lohrmann. Both have extensive experience at the local level and will focus on what to do before, during, and after a ransomware attack.
What Some Cyber Buzz Words Really Mean
Many local government managers or other non-tech experts have heard these phrases but don't quite know how to define them or understand the context of how they fit into an organization's overall cybersecurity plan. Here's a quick rundown of some terms used in the podcast you should know:
Layered Security – Securing systems at multiple layers of an environment using multiple components, e.g., email, firewall, encryption, web, mobile, so that no single control is the only line of defense.
Principle of Least Privilege – Giving a user or group only the minimum level of permissions needed to perform their required functions, and nothing more.
Multifactor Authentication – An authentication process in which access to a system or resource is granted only after the user presents two or more verification factors.
Firewalls – In a computing environment, devices that monitor and filter inbound and outbound network traffic based on established security policies.
Risk Assessment Score – A measure of how exposed an organization is to a potential cyber-related incident.
Incident Response Plan – Document that outlines an organization’s procedures, roles, and responsibilities with regard to a cybersecurity-related incident.
Risk Register (Processes or systems) – A document used as a risk management tool. It acts as a central repository of all identified risks, the probability of each risk, and its impact.
Security Posture – The overall state of an organization's cybersecurity readiness. It is a holistic assessment of all aspects of IT and the other security measures taken to maintain a secure environment.
Endpoints – Typically refers to the devices that sit at the end (edge) of a network, as opposed to the network infrastructure itself.
Attack Vector – A pathway used by attackers to penetrate a system, e.g., viruses, instant messages, emails, and email attachments.
Similar but Different in Name and Function
What's the difference between titles and responsibilities when some version of technology, security, and chief officer or director is in all of them? It can vary by organization and individual hired, but here are the widely accepted answers:
Chief Technology Officer – Executive in charge of technology needs and creating a technology strategy for an organization.
Chief Information Officer – Executive in charge of an organization’s technology vision and in engaging with business functional teams to assess and help create overall information technology strategy.
Chief Information Security Officer – Executive responsible for designing and implementing an organization's security program, training employees on security practices, and working with outside security vendors.
Chief Security Officer – Executive responsible for the safety and security of company data, personnel, and assets. May also be responsible for physical security.
IT Director – A senior manager in information technology within an organization, responsible for day-to-day technology operations.