Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber Security in Local Government. One of the Industry’s Most Widely Recognized and Highly Accredited Partners 1.

Published byElijah Riley Modified over 8 years ago

Similar presentations

Presentation on theme: "Cyber Security in Local Government. One of the Industry’s Most Widely Recognized and Highly Accredited Partners 1."— Presentation transcript:

1 Cyber Security in Local Government

2 One of the Industry’s Most Widely Recognized and Highly Accredited Partners 1

3 Representative Clients FEDERAL, STATE & LOCAL GOVERNMENT

4 3 Some Interesting Facts More than 94 million citizens’ records, under the care of government agencies, are estimated to have been lost or breached since 2009. 1 The average cost to the government of a single data breach has been estimated at $5.5 million or $194 per individual record. 2 Government organizations with a broad range of functions— revenue, benefits, healthcare, and security to name a few—have relied on Social Security numbers (SSNs) as a unique identifier in their systems for years. 1 Rapid 7 LLC, Data Breaches in the Government Sector (September 2012). 2 Ponemom Institute LLC, 2011 Cost of Data Breach Study: Global (March 2012).

5 4 Some Interesting Facts In 2012, one state experienced two data breaches, each of which exposed personally identifiable information in a different way. The first occurred from inside the organization when an employee transferred the information of more than 225,000 Medicaid beneficiaries to a personal email account. The second breach was far more sophisticated and caused by an external cyberattack. This breach exposed information on 3.8 million taxpayers, including SSNs and bank account data, and resulted in a staggering $14 million cost to the state, the resignation of at least one high-ranking government official, and immeasurable damage to the public trust.

6 5 How Does This Really Happen? It’s surprisingly simple … The Attacker sends an email with a link to all Department of Revenue Employees. Some of those people click on the link and are asked to re-enter their password. About a month later, the hacker logs in with a valid userid and password, and copies a backup of one of the HR Databases.

7 6 Resistance is futile … You must comply Interestingly, the state referred to on the previous slide is compliant with IRS rules for collecting and storing SSNs and bank account data. But the IRS does not require that SSN and bank account data be encrypted or masked. As a result, organizations need to consider tools that go beyond covering compliance.

8 7 Are you doing the basics ? Putting up walls to keep hackers out is great, but why not keep the really expensive items in the safe ? Or, would you leave your money sitting around for everyone who stops by to help themselves to?

9 8 What can you do ? Do a compromise assessment. They are simple and often are done by security firms at little to no cost. Companies such as Intel Security and FireEye offer these to prospective customers. Think about a Security Program Assessment. This not only Identifies you where you currently are, but also creates a roadmap toward the goal of comprehensive security. You can’t outsource responsibility. Always hold someone internally accountable, who holds external resources accountable.

10 9 Thank You & Questions

Download ppt "Cyber Security in Local Government. One of the Industry’s Most Widely Recognized and Highly Accredited Partners 1."

Similar presentations

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
This refresher course will:

This refresher course will:
Greg Lamb. Introduction It is clear that we as consumers and entrepreneurs cannot expect complete privacy when discussing business matters. However… There.

Greg Lamb. Introduction It is clear that we as consumers and entrepreneurs cannot expect complete privacy when discussing business matters. However… There.
Security Concerns at Offshore Development Centers MIS Practicum Presentation Week 6 Ashish Bahety.

Security Concerns at Offshore Development Centers MIS Practicum Presentation Week 6 Ashish Bahety.
We make it easier for businesses of all sizes to safely accept checks transmodus offers clients automation utilizing our online processing platform for.

We make it easier for businesses of all sizes to safely accept checks transmodus offers clients automation utilizing our online processing platform for.
Remote On-line Backup Service. How safe is your business data?

Remote On-line Backup Service. How safe is your business data?
Common Issues in Formation of Small Business Robert M. Baldwin CPA, PFS Baldwin & Associates, LLC Charleston, South Carolina.

Common Issues in Formation of Small Business Robert M. Baldwin CPA, PFS Baldwin & Associates, LLC Charleston, South Carolina.
How to Create (and use) Strong & Unique Passwords Larry Magid Co-director ConnectSafely.org.

How to Create (and use) Strong & Unique Passwords Larry Magid Co-director ConnectSafely.org.
© Affiliated Computer Services, Inc. (ACS) 2010 ACS Email Encryption.

© Affiliated Computer Services, Inc. (ACS) 2010 ACS Encryption.
External Threats to Healthcare Data Joshua Spencer, CPHIMS, C | EH.

External Threats to Healthcare Data Joshua Spencer, CPHIMS, C | EH.
BASIC GURU A Great Tool – No More, No Less!. Tools we all use Email Fax Quoting Tools Fax Machine Cell Phones Each of these tools is designed to increase.

BASIC GURU A Great Tool – No More, No Less!. Tools we all use Fax Quoting Tools Fax Machine Cell Phones Each of these tools is designed to increase.
1 Title ECI: Anatomy of a Cyber Investigation Who Are the Actors.

1 Title ECI: Anatomy of a Cyber Investigation Who Are the Actors.
The Financial Impact of Cyber Security 50 Questions Every CFO Should Ask A publication of the American National Standards Institute and the Internet Security.

The Financial Impact of Cyber Security 50 Questions Every CFO Should Ask A publication of the American National Standards Institute and the Internet Security.
Www.softwareassist.net Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.

Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.
Enterprise Computing Community June 13 - 15, 2010February 27, 2010 1 Information Security Industry View Linda Betz IBM Director IT Policy and Information.

Enterprise Computing Community June , 2010February 27, Information Security Industry View Linda Betz IBM Director IT Policy and Information.
Case Study: Department of Revenue Data Breach National Association of State Auditors, Comptrollers and Treasurers March 21, 2013.

Case Study: Department of Revenue Data Breach National Association of State Auditors, Comptrollers and Treasurers March 21, 2013.
Fraud and Prevention: Lessons from the Fire Service August 24, 2015 1.

Fraud and Prevention: Lessons from the Fire Service August 24,
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Thomas Jenkins.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Thomas Jenkins.
1 SECURITY & HIPAA DATA ENSURE INC. 798 PARK AVE. NW SUITE 204 NORTON, VA 24273 (276) 679-7900 WWW.DATAENSUREINC.COM D E.

1 SECURITY & HIPAA DATA ENSURE INC. 798 PARK AVE. NW SUITE 204 NORTON, VA (276) D E.
DATA PROTECTION & FREEDOM OF INFORMATION. What is the difference between Data Protection & Freedom of Information? The Data Protection Act allows you.

DATA PROTECTION & FREEDOM OF INFORMATION. What is the difference between Data Protection & Freedom of Information? The Data Protection Act allows you.

Similar presentations

Ads by Google