October is Cybersecurity Awareness Month in the United States, an educational campaign led by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) to raise awareness about the importance of cybersecurity.
Bad actors, bot-nets, phishing, and hackers never sleep. For Adam McKinney, Bannock County’s Chief Technical Officer, it’s a never-ending battle.
“I deal with cybersecurity daily,” McKinney said.
The FBI receives more than 2,000 internet crime complaints per day, according to the Bureau’s 2020 Internet Crime Report, and threats have increased exponentially since the Covid-19 pandemic.
Government agencies aren’t immune to the threats of cybercriminals. In 2020, nearly 80 ransomware attacks were carried out against U.S. government organizations. Comparitech, a pro-consumer website focused on cybersecurity, estimates these attacks cost American taxpayers upwards of $18 billion in 2020.
To safeguard Bannock County’s data- and taxpayer money–McKinney has prioritized cybersecurity by maintaining what he calls “an active posture” towards online threats and mitigating risk at every opportunity.
“Government agencies owe it to their constituency to be robust, proactive, and accountable in their security practices. It’s easy to besmirch the good faith of the citizens due to lax policies, and trust can take a very long time to restore,” McKinney said.
McKinney and his staff are constantly checking for gaps in protection. His department partners with larger cybersecurity agencies nationally and statewide to regularly test and audit the County’s capabilities and enhance its response to threats.
Bannock County partners include the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the Multi-State Information Sharing and Analysis Center, and the Elections Infrastructure Sharing and Analysis Center. In addition, the County partners with the Idaho State Police’s Cybersecurity Team and the Idaho Criminal Intelligence Center to maintain an active posture toward cyber threats.
“We employ state-of-the-art firewalls, manage threat response and endpoint detection, which constantly monitor and examine traffic, and we use heuristic analysis to watch for threats,” McKinney said.
Antivirus heuristic analysis is a method of detecting viruses by examining code for suspicious properties, designed to spot new, unknown viruses and threats.
Cybercriminals are always changing their tactics, which means McKinney is continually learning.
“Just as threats evolve, so does our response,” McKinney said. “We’ve made general cybersecurity training part of the onboarding process for all employees of the County. We conduct routine phishing and spam email monitoring and interception programs and have deployed endpoint security software countywide.”
The constant and growing threat of attacks on cyberinfrastructure means government agencies, just like businesses and individuals, cannot disregard the importance of cybersecurity. To learn more about how to protect yourself or your business from cyberattacks, visit cisa.gov.