Tewksbury hosts municipal cybersecurity summit | News | homenewshere.com – Tewksbury town crier
TEWKSBURY — Leaders from over a dozen local communities and municipal organizations came together in Tewksbury last month to discuss the threat of cybercrime. Hosted by the Town of Tewksbury, the forum was the first of its kind collaboration between municipalities and cyber professionals.
The day long meeting was an opportunity to discuss vulnerabilities that cities and towns in Massachusetts, and across the country, face. Ransomware, killware, and access to resident data were all part of the discussion.
Select Board member James Mackey, a cyber professional, moderated the discussion which was held at the Tewksbury Public Library with support from Leicester Cyber Solutions and Lowell 5 bank.
Topics such as election security, network security, threat detection, and internal processes for cities and towns were covered. Municipal leaders were encouraged to not only evaluate their current status, but to start to evaluate weaknesses and strategize ways to address them.
Mackey said, “I see this as just a first step on the long road to tackling the problem of municipal cybersecurity. This event was designed to introduce municipal senior management to some of the core concepts of cybersecurity. While they are not expected to be subject matter experts, they do need to be able to meet their technical staff half way”.
During the session, engineers and cyber operations experts introduced resources that are available to communities to use as part of an implementation plan for cybersecurity. First and foremost, managers were encouraged to create a roadmap for a cybersecurity program, involving department heads and IT departments within the city or town government.
Even if there is no strong process in place, there were immediate process changes that could be made, such as changing passwords to non-common, non-obvious choices.
Strategies from the National Institute of Standards and Technology were discussed. NIST is a government agency focused on science and technology and has created a framework for assessing and addressing cybersecurity risks for business and government.
Threat detection and management was broken down into several categories: identify, protect, detect, respond and recover. According to the framework, which was established in 2014, “The national and economic security of the United States depends on the reliable functioning of critical infrastructure. Cybersecurity threats exploit the increased complexity and connectivity of critical infrastructure systems, placing the Nation’s security, economy, and public safety and health at risk.”
The net of this strategy is to minimize risk.
Managers were encouraged to …….
Source: http://homenewshere.com/tewksbury_town_crier/news/article_6edb8b4e-426a-11ec-8e91-fba2d675f535.html