Cybersecurity attacks happen every day across every industry, including public and private organizations. Even when controls are in place, a security breach or incident can still happen. Here's what to consider regarding cybersecurity if you are part of public administration on the local, state, or government level.
According to Verizon’s 2022 Data Breach Investigations Report, public administration accounts for more than 10% of security events that compromise the confidentiality, integrity, or availability of an information asset. Phrased in a more alarming tone, the Joint Technology Committee (JTC) points out in its Cybersecurity Basics for Courts, that “accepting that courts will face cybersecurity incidents is essential.”
The Cybersecurity Basics for Courts publication includes a list of suggested court actions to address cybersecurity concerns, but these suggestions are only possible actions to guide discussion.
Each individual court should conduct their own evaluation to ensure that the court’s operating environment and threat landscape are accounted for when developing a response to cybersecurity risk.
As a more thorough response to managing cybersecurity risk, the Center for Internet Security (CIS) publishes the CIS Critical Security Controls which play a pivotal role in the blocking, mitigation, or identification of attacks. Controls include:
Inventory and Control of Enterprise Assets
Inventory and Control of Software Assets
Data Protection
Secure Configuration of Enterprise Assets and Software
Account Management
Access Control Management
Continuous Vulnerability Management
Audit Log Management
Email and Web Browser Protections
Malware Defenses
Data Recovery
Network Monitoring and Defense
Security Awareness and Skills Training
Service Provider Management
Application Software Security
Incident Response Management
Penetration Testing
While this list of controls can admittedly be daunting, the controls are organized into implementation groups that allow organizations to prioritize and implement a set of controls that satisfies the organization’s desired response to cybersecurity risk.
As a starting point, Implementation Group 1 includes the foundational set of cyber defense controls that every enterprise should apply to guard against the most common attacks. These controls should be implemented by small to medium-sized organizations with limited IT and cybersecurity expertise whose principal concern is to keep the organization operational and protect the sensitivity of data.
Implementation Groups 2 and 3 provide additional controls and may be a fit for your court given an increased need to reduce cybersecurity risk to meet a more limited tolerance for downtime and increased sensitivity of the data being protected.
Ingalls provides an expert team of Cybersecurity Consultants prepared to lead your discussion around the appropriate level of control and perform a risk assessment to ascertain the requirements to meet the desired response to cybersecurity risk. Together, we can prepare for and aim to prevent cybersecurity incidents.