Connecticut maps out cyber strategy
The state's goal is to reduce the likelihood and severity of large cyberattacks by strengthening the awareness and resilience of public and private entities.
Connecticut Gov. Dannel Malloy made cybersecurity a priority for his administration starting in October 2016 when he appointed Art House to serve as the state’s first chief cybersecurity risk officer. On July 10, Malloy, House and state CIO Mark Raymond took that commitment to the next level with the release of the Connecticut Cybersecurity Strategy, outlining current efforts and future plans to manage threats for state government, municipalities, businesses, higher education institutions and law enforcement.
With tax, law enforcement and public health records on 3.5 million residents, state agencies are no strangers to cyber threats. Approximately 2 billion, or 42 percent, of external connection attempts from malicious IP addresses or threat signatures are blocked per month by perimeter security measures. An enterprise email gateway system blocks 85 percent of 38 million messages each month, and antivirus protection catches about 2,400 malware attempts before they are installed.
However, the report said about 66 state systems are infected or compromised each month despite these protections.
Although each state agency is also responsible for its own cybersecurity awareness programs and defense mechanisms, the Bureau of Enterprise Systems and Technology in the Department of Administrative Services (DAS/BEST) is working with agencies to help them with network perimeter safety and firewall management, employee access to unsafe websites, malicious email and antivirus measures and backups.
“If you think about over 40 agencies that we have in our state, some are really large with 3,500 people and others are small with only 10 or 11 employees,” Raymond told GCN. “For smaller agencies, we end up doing a lot of their response, detect and mitigation, with most of the work being done in-house unless an event periodically requires more resources than we can provide.”
The strategy recommends several ways the state can better address cybersecurity, including:
- Conduct regular security assessments.
- Boost adoption of standardized technologies and security protocols and contracting.
- Implement centralized approaches to multi-factor authentication for critical systems.
- Encourage more municipalities to use shared firewalls and other internet protections available through the Connecticut Education Network.
- Take full advantage of federal, cyber-related grant opportunities available to state agencies and municipalities.
Efforts are also ongoing to improve cybersecurity literacy for agency officials with training provided at no cost through the Federal Virtual Training Environment. Currently, the focus is on raising technicians' skill level so they can address cyber problems that arise.
Technology and cyber training is also provided through collaborations with the state's Department of Emergency Services and Public Protection’s Division of Emergency Management as well as the U.S. Department of Homeland Security.
When it comes to educating local municipalities and businesses, Raymond serves as the co-chair of Connecticut’s Cybersecurity Committee. The group shares details on emerging threats, coordinates best practices and opens up communication between state and local governments and private interests when attacks occur.
“To the extent that we need to work with our utility, water providers and large businesses, the time to build those relationships is not during an incident but before,” Raymond said. “Having an active participatory group of state, federal and private companies who are interested in this space allows to build and maintain that group.”
Read the Connecticut Cybersecurity Strategy here.