►
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Hi
I'm
Renee,
askew,
chief
information
officer
and
director
of
the
innovation
and
technology
department.
If
you
ask
any
business
leader,
consumer
or
resident
to
identify
their
top
IT
concern,
they
might
say
keeping
my
data
secure
with
the
growing
number
of
system
breaches
and
attacks
on
large
organizations.
Cyber
security
is
a
top
concern.
A
This
presentation
will
highlight
the
city's
cybersecurity
efforts
and
the
team
supporting
the
city's
information
and
assets.
Let's
talk
about
the
threat
landscape
since
2015
more
than
a
hundred
and
ninety
two
government
agencies
have
experienced
a
cyber
event.
In
the
past
six
months,
several
local
governments
have
paid
ransom,
totaling
more
than
1
million
dollars.
The
great
debate
amongst
organizations
is
whether
to
pay
or
not
to
pay.
A
Every
organization
has
to
determine
what's
right
for
them,
so
there
are
also
a
number
of
government
agencies
which
have
experienced
cyber
attacks
so
we're
looking
at
cities
like
the
city
of
Atlanta
Baltimore
was
impacted
twice:
Akron
Ohio,
Albany,
New
York
and
many
many
others.
When
you
start
looking
at
close
agencies
such
as
Texas,
we
had
23
government
agencies,
impacted
and
a
single,
coordinated
ransomware
attack
so
think
about
that.
23
government
agencies
impacted
in
a
single
event
closer
to
home.
We
have
Cabarrus
County,
Mecklenburg,
County
Lincoln,
and
the
City
of
Concord
was
hit
with
a
ransomware.
A
You
also
had
issues
such
as
web
defacing
business,
email
compromise
and
a
number
of
other
events
resulting
in
a
loss
of
1.7
million
dollars.
That's
a
lot
of
money
for
local
government,
but
cybersecurity
attacks
are
launched
against
agencies
and
an
attempt
to
penetrate
systems
and
capture
valuable
information.
These
threats
originate
from
a
number
of
sources,
so
in
the
cyber
world
we
use
terms
such
as
nation-states,
which
are
foreign
entities
and
foreign
organizations
that
try
to
attack
our
local
government
activists
and
activists
are
those
with
political
or
social
motivations
for
unlawfully
accessing
computer
systems.
A
And,
of
course,
we
have
your
criminals.
Cyber
criminals
want
to
profit
from
selling
stolen
information
and
data.
Now
that
we've
talked
about
cyber
criminals
and
threat
actors
who
target
city
systems,
let's
talk
about
the
methods
they
used
to
gain
access.
Business,
email
compromise
is
a
big
problem.
An
email
is
sent
to
a
company
CFO
requesting
immediate
wire
transfer
of
funds.
The
email
to
the
city
is
from
a
trusted
person
to
redirect
wire
funds
or
payments.
Another
is
phishing
or
spear.
A
Phishing
emails
emails
to
trick
employees
to
give
up
personally
identifiable
information
or
install
malicious
software
called
malware.
The
attempt
here
is
always
about
gaining
access
to
the
system
to
retrieve
data
denial
of
service.
In
this
scenario,
cyber
criminals
attempt
to
block
use
of
the
city's
system
and
network
by
attacking
infrastructure
and
disrupting
services
defacement,
as
defined
defacing
in
the
cyber
world,
is
changing
or
posting
content
on
a
website
or
social
media
platform.
A
A
The
city
has
had
three
cyber
attacks,
two
were
considered
brute
force,
password
attacks,
and
these
are
tools
that
are
used
by
the
adversary
to
randomly
generate
passwords
in
order
to
find
a
combination
to
gain
access
and
the
other
is
distributed,
denial-of-service
otherwise
known
as
DDoS
in
a
security
world,
and
this
is
an
attempt
to
take
over
the
city
systems.
Neither
of
these
attempts
were
successful.
An
acute
uptick
in
quantity
and
quality
of
spear
phishing
emails
targeting
executives
and
senior
city
management
has
been
identified
since
the
announcement
occurred.
A
Now
that
I've
shared
with
you,
the
scary
aspects
of
cyber
security,
I'll
put
your
mind
at
ease
by
sharing
with
you
a
little
about
the
city's
cyber
security
division.
The
principal
responsibilities
of
the
cyber
security
division
is
to
detect,
protect
and
defend
the
city
against
cyber
threats.
The
team
is
comprised
of
a
chief
security
officer
and
ten
full-time
employees,
along
with
a
managed
security
service
room
who
provides
24
by
7
monitoring
services,
as
I
mentioned
earlier,
protection
of
the
city's
data
and
assets
is
the
top
priority
of
the
cyber
security
division.
A
The
cyber
security
protection
team
is
responsible
for
analyzing
system
logs
for
anomalies,
email,
discovery,
auditing
systems
for
compliance
to
security
policies
and
protocol
and
providing
24
by
7
threat
protection.
The
cyber
security
defense
team
is
responsible
for
ensuring
the
city's
infrastructure
is
secure
and
not
accessible
by
intruders.
They
defend
against
these
intruders
by
maintaining
firewall
technology.
Yes,
we
have
a
virtual
wall
around
the
city
system
to
prevent
unauthorized
access.
Our
systems
are
monitored
24
by
7.
A
Your
role
is
to
stay
alert
and
mindful
of
the
increase
in
cyber
activity
report
suspicious
emails
and
complete
cyber
awareness,
training
citywide.
Cyber
training
is
conducted
every
January
and
you're
also
to
ensure
your
teams
and
direct
reports
complete
the
necessary
training.
This
training
provides
information
and
examples
relevant
for
you
at
home,
as
well
as
at
work.
I'll
close
by
saying
this
cybersecurity
is
not
the
responsibility
of
one
individual,
but
requires
effort
and
involvement
from
all
of
us
stay
alert,
stay
vigilant.
Thank
you.