Stephen Gutleber : Mar 28, 2023 12:00:00 AM
Cybersecurity attacks happen every day across every industry, including public and private organizations. Even when controls are in place, a security breach or incident can still happen. Here's what to consider regarding cybersecurity if you are part of public administration on the local, state, or government level.
According to Verizon’s 2022 Data Breach Investigations Report, public administration accounts for more than 10% of security events that compromise the confidentiality, integrity, or availability of an information asset. Phrased in a more alarming tone, the Joint Technology Committee (JTC) points out in its Cybersecurity Basics for Courts that “accepting that courts will face cybersecurity incidents is essential.”
The Cybersecurity Basics for Courts publication includes a list of suggested court actions to address cybersecurity concerns, but these suggestions are only possible actions to guide discussion.
Each individual court should conduct its own evaluation to ensure that the court’s operating environment and threat landscape are accounted for when developing a response to cybersecurity risk.
As a more thorough response to managing cybersecurity risk, the Center for Internet Security (CIS) publishes the CIS Critical Security Controls, which play a pivotal role in the blocking, mitigation, or identification of attacks. Controls include:
Inventory and Control of Enterprise Assets
Inventory and Control of Software Assets
Data Protection
Secure Configuration of Enterprise Assets and Software
Account Management
Access Control Management
Continuous Vulnerability Management
Audit Log Management
Email and Web Browser Protections
Malware Defenses
Data Recovery
Network Monitoring and Defense
Security Awareness and Skills Training
Service Provider Management
Application Software Security
Incident Response Management
Penetration Testing
While this list of controls can admittedly be daunting, the controls are organized into implementation groups that allow organizations to prioritize and implement a set of controls that satisfies the organization’s desired response to cybersecurity risk.
As a starting point, Implementation Group 1 includes the foundational set of cyber defense controls that every enterprise should apply to guard against the most common attacks. These controls should be implemented by small to medium-sized organizations with limited IT and cybersecurity expertise whose principal concern is to keep the organization operational and protect the sensitivity of data.
Implementation Groups 2 and 3 provide additional controls and may be a fit for your court given an increased need to reduce cybersecurity risk to meet a more limited tolerance for downtime and increased sensitivity of the data being protected.
Ingalls provides an expert team of Cybersecurity Consultants prepared to lead your discussion around the appropriate level of control and perform a risk assessment to ascertain the requirements to meet the desired response to cybersecurity risk. Together, we can prepare for and aim to prevent cybersecurity incidents.