Summary
To: Finance Board
From: Stefan Massol, Director of Support Services
Date: 1/16/2020
______________________________________________________________________
Subject:
Title
Cybersecurity Overview
Summary:
Staff will present an overview of cybersecurity risks and current mitigation efforts.
End
Body
Background/Problem Discussion: In recent years, local governments have become a leading target for cybercrime. These efforts center primarily on fraud and ransomware attacks. There have been several successful attacks in Florida over the past year prompting many jurisdictions to accelerate investment in security and risk mitigation.
The Town’s investment in cybercrime risk mitigation has grown over the past year, and it is anticipated that greater investment will be needed in the months and years ahead.
Current mitigation efforts exist in multiple key areas, including:
1) Security policy updates
2) Training and monitoring
3) Backups and testing
4) Updates of hardware, software and operating systems
5) Automated threat detection
6) Mobile device management
7) Government Resources (i.e. MS-ISAC and CyberFlorida)
8) Active IT Management
9) Recovery Planning
These efforts require significant assistance from outside consultants with the resources, knowledge and expertise needed for proper threat mitigation.
Financial Implications: A typical ransomware attack can cost a municipal government upwards of several hundred thousands of dollars, either for the ransom and/or for recovery of encrypted data and restoration of integrated systems.
Additionally it is expensive to mitigate the threats posed by cybercrime, and this cost will only continue to grow in the years to come.
Recommendation: None, this is for discussion purposes only.