Cyberattacks have been in the forefront of news stories, with hundreds of attacks reported against companies and governments across the country. Most of these attacks originate in China and Russia making it an international crisis. The frequency of cyberattacks, including malware, ransomware and theft of data has escalated the need for Public Safety agencies to prepare and manage a robust cyber security strategy.
The cyber threat is even more acute with many Public Safety agencies implementing remote work options for employees.
In a January 22 article in the American City and Article, the current study by SolarWinds showed that cyber security threats are increasing, but the public sector’s ability to detect and deter these threats has not kept pace with the number and increasing sophistication of these threats.
Our January 2021 newsletter lead article discussed some of the various aspects related to cyber security and discussed a number of steps that can be taken to defend against cyber threats. A copy of that article can be found here.
Cyber Security Assessments
When building cyber security defenses, the first step is to perform an assessment of the current system.
The assessment should include the creation of stated goals and objectives, which should include preparing, conducting, and analyzing results to gauge risk. The National Institute of Standards and Technology (NIST) states that the Assessment results should provide the agency with the following analyses:
- Effectiveness of implemented systems
- Quality of the risk management processes
- Information about the security, privacy strengths and weaknesses of
the systems - Review of current cyber security mitigation for staff members
Each year NIST publishes an updated publication called “Assessing Security and Privacy Controls in Information Systems and Organizations”. While the publication is lengthy, it is designed to be used by a wide range of public sector agencies in developing an assessment plan. The publication is free and can be found here.
Cyber Security Programs
The creation of a cyber security program is the second step in dealing with cyber security threats. The goals of a cyber security program would be to:
The creation of a cyber security program is the second step in dealing with cyber security threats. The goals of a cyber security program would be to:
- Reduce the likelihood of a damaging cyber incident; this includes preventing devices from connecting to malicious sites and scanning for security weaknesses and vulnerabilities, etc.
- Detect malicious activity quickly, including by deploying network intrusion detection and prevention, undertaking penetration testing, and improving endpoint detections
- Respond effectively to confirmed incidents, including through collection and analysis of malware and other artifacts
- Maximize resilience, including by automating system backups and enhancing threat modeling
- Provide cyber safe methods for staff members to perform personal tasks
Cybersecurity and Infrastructure Security Agency (CISA) recommends certain measures that should be taken to establish a foundational cyber security program such as:
- Fix the known exploited security flaws in software
- Implement multifactor authentication
- Stop bad practices that are exceptionally risky
- Reduce Internet attack surfaces and get your Stuff off Search
- Sign up for CISA’s cyber hygiene vulnerability scanning
For additional information and a list of the tools, visit the CISA website.
Winbourne Consulting has assisted numerous clients in assessing various aspects of their operations including cyber threat protection. For additional information contact us at info@w-llc.com.