GOVERNMENT CIO OUTLOOK, DECEMBER 2025
IN MY OPINION

LOCAL GOVERNMENT INFORMATION SECURITY CHALLENGES IN THE 21ST CENTURY

Have you ever experienced a data breach, or been the victim of a ransomware attack? Some organizations can say they have been lucky enough to avoid this. For others, the story is far more horrifying. During my experiences as a consultant for small to medium businesses, I have lived with the sad reality of customers losing data because of ransomware. I have seen the impact on their businesses and on their ability to service their customers. As we bring on more technologies such as artificial intelligence (AI) and start to live out the reality of the Internet of Things (IoT), the attack surface just gets larger and the attacks more sophisticated. Now more than ever, the more devices that are connected to our business resources, the wider our security platform has to be extended.

In local government, many different services are offered to the public, and these services collect and maintain sensitive information. We are talking about criminal justice information, patient data, homeowner and land information, credit card information, and many other pieces of Personally Identifiable Information (PII). Many local government agencies control water supply systems and public safety services such as EMS, fire departments and police services. These are all services that the community relies on for quality of life and safety. What if a cyber security attack brought down these public safety services? What would that look like?

Let's take a moment to briefly think about the wide-scale impact of such an attack. Take a local city government, for example. A receptionist opens a phishing email and a malicious payload is loaded on the receptionist's computer. This malware reaches out to systems on the network and finds open vulnerabilities on servers on the network. Let's say this attacker goes undetected for 14 days.
During this time, the attacker manages to infiltrate your identity management services and creates a global administrative account, giving them full, open access to the entire network. On day 15, people start to come into the office, and the first thing they notice is that the phones are down; then they notice that they are not able to log into their computers. IT is called, and they no longer have remote access to servers. IT then walks into the data center and, on consoling into the servers, notices that all systems are encrypted. What next? What would this look like in your environment? What services would be impacted? Where would you begin? How long would it take you to recover? Who would you have to contact?

Attacks are getting more sophisticated. Attackers are now able to get into our network by sending us a phishing email and using social engineering. Trying to 'hack' or 'crack' routers and firewalls is really becoming outdated. That is not to say that we shouldn't apply security patches to our edge devices, but honestly

By Joel Woppert, Director of Information Technology, Washington County, Wisconsin