The past year or so, it seems, there are constant reports of cyber attacks affecting both the public and private sector. From viruses, bugs, and worms to eavesdropping, spoofing, phishing, clickjacking, and social engineering, our digital systems are at risk each and every day.
One of the latest reports comes from Mecklenburg County, North Carolina, where a county employee opened a phishing email that contained spyware and released a worm into the county's computer system. The demand to fix the issue? A $23,000 ransom. Data breaches frequently happen by accident or mistake, with employees being one of the greatest causes of such breaches.
And while these attacks just keep on coming, they also raise a few questions. How prepared are local governments? Could your organization handle a cyber crisis? Does your organization have what it takes to protect its computer systems and the community?
It's time to start caring about cybersecurity. End of story.
In a recent report released by ICMA and Microsoft, it notes that even if your organization has not yet experienced a breach, the probable consequences of one are simply too big to ignore. And the probability of remaining protected without having cybersecurity policies, a plan, and established protocols in place and actively updated is not in your favor when data already suggest that breaches and cyber extortion practices are rising.
Before you find your own jurisdiction’s security breach in the headlines, consider how a strategic approach can (1) help break down into manageable pieces what may feel like daunting tasks, and (2) protect a public organization, its employees, and the public it serves. According to the report, local government managers need to take control and focus on such important matters as:
- Understanding what data and information you have on your computer systems that needs protection.
- Encrypting data and devices, which is the first line of defense to any cybersecurity plan.
- Establishing and implementing the best cybersecurity practices by putting in place cybersecurity protocols and procedures for all employees in the organization to follow.
- Obtaining and reviewing cyber insurance policies to be sure that your organization has adequate insurance coverage.
If you need proof that putting a cybersecurity system in place will be beneficial for your organization, take a look at Jefferson County, Alabama.
Jefferson County has a great understanding of the importance of protecting one of its greatest assets—a medical facility—that is covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) regulations. Compliance with HIPPA regulations requires that the county must protect patient privacy and with its budget of $350,000, a plan was put together that the IT team adheres to in its daily operations. The county updates its security and cybersecurity plan once a year. Elements of the plan include the following components:
- Ransomware. In 2016, the county was subject to five ransomware attacks over an eight- to nine-month time period. The series of attacks forced the county to take a step back, assess its current environment, and devise a new strategy. The county ended up enhancing and overhauling its desktop security strategy, thereby deploying a new desktop security software framework to readily protect endpoints from malicious activity.
- Web security. After ransomware attacks, the county installed a new network appliance/device, Deep Discovery Inspector, which it uses to monitor network traffic and detect and protect against targeted attacks within the network. The IT team has also brought in a web security program, Blue Coat, designed to control, monitor, and secure Internet use by employees.
- Web traffic. The county monitors web traffic for security threats using a sandbox. A sandbox is a security mechanism for separating running programs. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users, or websites, without risking harm to the host machine or operating system.
- Email. The county has multiple levels of security for email. The county uses an on-premise appliance, CISCO IronPort, for the first line of defense for these services: anti-spam protection, spam management, and anti-malware protection. Microsoft Office 365 Exchange Online Protection serves as a secondary defensive posture for email services.
Success for Jefferson County is measurable. It has gone from five attacks in less than a year to no successful attacks as of yet in 2017.
If you are still unsure how to start cybersecurity planning for your organization, download our latest cyber report. It was developed so our members are aware of what it takes to protect their computer systems and what current and future leading practices may look like.
Other resources on cybersecurity include:
- Checklist: Cybersecurity - How Managers Can Prepare for What Lies Ahead
- Cybersecurity Alerts for Local Governments
- Cybersecurity: Six Questions Managers Should Ask
- 9 Surefire Steps to Lock Down Your Cybersecurity
- Checklist: Ensuring a Safe and Secure Cyber Environment
- Growing Impact of Cybercrime in Local Government
- Cyberintrusions and Data Breaches