Terri Bettinger paid close attention to the recent cyberattacks on the websites of Ohio government agencies, banks and other businesses. She hoped to learn lessons to better defend the information she oversees. Bettinger is the chief information officer for Franklin County and head of its Data Center, which collects, stores and protects government data from property tax bills to court and medical records. She knows the system will be hacked. “It’s when, not if. It’s going to happen,” Bettinger said. She saw Licking and Henry counties become recent victims of ransomware attacks, in which hackers stole information or locked their systems and demanded to be paid. Neither county paid the high-tech extortion, but both had some services hampered because their computer systems had to be restored.
Bettinger is taking steps to try to ensure that doesn’t happen in Franklin County, noting it has been subject to “a handful” of hacker incidents. She knows that despite all of her precautions, despite the defenses her team has built, it almost surely will happen. “Someone is going to click on a link they shouldn’t,” Bettinger said. That’s a reason why Franklin County’s Data Center spends $3 million annually — 21 percent of its overall $14.4 million budget this year — on cybersecurity.
Experts stress that the best way to combat cyberattacks starts with individual users, so education and preparation are key.
… To help employees understand that, Bettinger plans a “phishing” campaign at work. Hackers can “phish” for information by sending fake emails, some very convincing, attempting to lure users into opening attachments that gives hackers access to the computer system and its information. “Security is not an IT function. It belongs to everybody,” Bettinger said.
Full Article: Local governments focus on cybersecurity after attacks.