Following accusations that Russia was involved with the hacking of the Democratic National Committee during the 2016 United States elections, the subject of cyber security dominated news cycles last month.
During a “State of the County” interview with the Times of Wayne County last week, Wayne County Administrator Rick House said that they are aware of how important cyber security is and that Information Director Matt Ury is constantly taking measures to protect the county’s data.
“That is the type of thing that you don’t sit back on your laurels because when you create a better mousetrap, a smarter mouse is always coming along,” House said. “That’s something that is very fluid, and [Ury] works very, very hard, daily with his staff to make sure that we’re protected.”
In an interview on Thursday, Ury told the Times that he doesn’t think that the general public understands how much goes into cyber security.
“It’s a major concern for us, and we spend a lot of time and resources on cyber security,” Ury said. “It’s a large ongoing process, and we add more and more security features yearly. We are always looking for a new tool or a new way of being more secure.”
He said that the state and federal governments are constantly sending down threat alerts and giving suggestions. While he hasn’t seen anything significant since the election, Ury noted that they did receive a specific email from the federal government right before the election indicating that the threat level was elevated.
According to Ury, the biggest overall threat to any agency is ransomware, which is malicious software that installs covertly on a victim’s computer, encrypts their files and then demands a ransom payment to decrypt them.
Only recently have ways been developed to prevent ransomware before it happens, but Ury said the only way to really protect against it is to have data backups.
“A lot of the agencies that have had issues with ransomware didn’t have an adequate backup of their data,” he explained. “Here in Wayne County, we have multiple ways of backing up our data, and we make sure that it’s always secure.”
Ury’s department uses a multi-layer approach when it comes to cyber security, employing firewalls with intrusion protection, along with antivirus and anti-malware software. They also filter website content and block employee access to sites that could have vulnerabilities.
“We block thousands of spam emails a week because a lot of vulnerabilities come through email, so that’s a big deal,” Ury said. “During our yearly training, we do have an IT portion of training that people go through that goes over IT security and the policies that the county has.”
To ensure that they are actively keeping themselves protected from threats, Ury said that they hire third parties to give them vulnerability assessments. Essentially, those third parties attempt to break into the county’s network and then provide a report on how well they’re protected, which the county uses to continually improve their security.
Ury said that there have been multiple attempts to breach the county’s network in some fashion, something that he says happens to any government or agency. By being prepared, Ury said that they have always been able to block those attempts with minimal issues.
“Nobody’s security is 100 percent, and I think that anybody who gets a vulnerability test will always find something to improve on,” he acknowledged. “The way that the technology and threats are ever-evolving, I doubt we’ll ever be done changing our approach or adding to it.”
The post Wayne County IT Director: “You can Never let your guard down” when it comes to cyber security appeared first on Times of Wayne County.