The Center for Digital Government and the National Association of Counties report cybersecurity is the greatest concern for county CIOs
This month the Center for Digital Government (CDG) reported county CIOs top priority in 2018 is cybersecurity, a concern that reflects a growing urgency in government to safeguard systems and data.
The CDG findings are part of its annual Digital Counties Survey conducted in partnership with the National Association of Counties (NACo). The survey evaluates counties on their use of technology and best technology practices. After cybersecurity, the top five priorities for CIOs included disaster recovery and continuity of operations, in second; citizen engagement and experience, third; IT staffing, fourth; and transparency, open data and data governance, in fifth (see infographic below).
Similar to city and state governments, NACo reports that with counties increasing their use of technology there is a critical need to shield departments from attack. Phishing and ransomware, two common attack methods, have become more prevalent and are impacting large and small counties alike. Examples of such security breaches can be seen in the WannaCry virus that struck a number of cities and counties in 2017, and the many ransomware attacks reported by counties, such as the attack in Bingham County, Idaho, reported in February, and the attack in Davidson County, North Carolina, in March.
Even counties that have not fallen pray to hackers are feeling the pressure to fortify defenses. In June, the Daily Chronicle reported that Lewis County, Washington, had experienced a massive surge in security threats. Steve Wohld, the county’s information technology services director, said the spike in threats forced staff to increase the time spent on cybersecurity tasks from 10 percent to 40 percent of their workday.
“There’s an over 300 percent increase in endpoint user attacks [on agencies in Washington state]” Wohld told the Chronicle. “The attacks on Lewis County are significant and much higher than they ever were.”
With cybersecurity efforts taking center stage, NACo announced a partnership with the Multi-State Information Sharing and Analysis Center (MS-ISAC) on Aug. 6 to provide increased cybersecurity protections for county governments. The partnership leverages the MS-ISAC’s Security Operations Center and its Computer Emergency Response Team to provide 24/7 support and strategic resources for counties.
Counties are also using the expertise and fortified infrastructure of the tech sector to ease security burdens placed on departments. In a joint webinar held by Microsoft and Accela, Accela’s Chief Product Officer Troy Coggiola and Microsoft’s Executive Director for State and Local Government Solutions Kim Nelson said cost savings and cybersecurity benefits of Software as a Service (SaaS) solutions are pointing governments toward the private sector.
“The smaller the government, the smaller the agency, the better the investment is in really going SaaS.” Nelson said.
Nelson said Microsoft invests about a billion dollars per year on cybersecurity research and development, technologies that are often more affordable and effective than a government’s own security measures. As an added benefit, the private sector often meets or exceeds national IT security standards. As example, Accela and Microsoft comply with the U.S. Department of Homeland Security’s Federal Information Security Modernization Act (FISMA) and the American Institute of Certified Public Accountant’s System and Organization Controls 2 (SOC 2) standard security standard.
“We’ve seen time and time again email phishing scams worm their way around state and local government systems, that’s something we help our customers avoid,” Coggiola said in the webinar. “For Accela, it’s about taking our Accela software and reducing the burden, the need for you to manage that on your own servers and in your own data center.”
To learn how SaaS solutions can improve cybersecurity watch the full webinar, Why SaaS has Become the Standard for Government Agencies here.Tags: cybersecurity, county government, CIO, cyber, malware