This fall, Assistant Chief Information Officer Misheck Mundia with the City of Fredericksburg attended the Public Technology Institute (PTI) Chief Information Officer Summit in Austin, TX. VML Insurance Programs (VMLIP) covered Mundia’s costs for the trip as he has brought back a wealth of information on the state of information technology for VMLIP members.
Among the sessions Mundia attended, the first was titled Security Awareness is a Shared Responsibility. The session – focused on cyber security – stressed that it is no longer enough to harden the perimeter and patch systems – users have to be part of the equation.
“It is evident that the weakest link is the human factor,” said Mundia. “Many organizations don’t have a cyber program to engage their staff, and if they did, it was only through an annual engagement.”
Mundia says that those organizations who are taking things further are utilizing posters and pamphlets distributed throughout the organization at different times during the year. But it still may not be enough.
“Just as you practice fire drills and other evacuations, it’s important to implement security drills as well, such as a ‘USB drop’ exercise,” said Mundia. “This is where IT staff drop a USB drive around the office and observe what the users do.”
Other drills include a fabricated spear phishing event – organized by the organization or a hired partner to see how users handle this type of event.
Mundia noted that 62 percent of organizations surveyed by PTI did not have breach insurance – a coverage offered to local governments through VMLIP.
“We, as local governments whether large or small, do not have the resources that other organizations have, so we need to engage our users on a more practical level,” said Mundia. “If all you can afford is the yearly engagement – any level of awareness is better than none.”
“However, if we can provide some real life examples for the users to work through, it can be extremely beneficial.”
Big Data and GIS
Another session attended by Mundia was Data Visualization: One Picture is Worth 1,000 Words.
“This rang true for me as a representative from local government,” said Mundia. “As more software packages are integrated with the local Geographic Information Systems (GIS) resources or another GIS source, leadership is asking for more data in a graphical or illustrative format.”
“Even more useful is an interactive visualization of the data.”
Mundia says that as more organizations acquire these systems – graphical representations of data is becoming the norm for reporting summaries of the information. For governments to require graphical representation of reported data in submittals will allow for a quicker overview than when information must be parsed from a massive report.
“I believe GIS is no longer limited to the creation and display of map layers, but it is also a data interpretation tool which represents data visually – and provides a quick way to convey and digest information.”
Another significant session Mundia shared was Blockchain Simplified: What It Is, Why You Should Care, and How Will It Impact the Future of Government?
“Blockchain is one of the latest technologies that local governments need to keep in the forefront, as data grows and needs to be managed and secured,” said Mundia.
To analogize Blockchain – it is like the rings of a cut away tree. If one wanted to erase one of the rings and leave no trace, that would be impossible due to the multiple linked rings.
“That’s the idea behind Blockchain, it is defined as an incorruptible digital ledger which can be applied to everything of value,” said Mundia.
While Blockchain was born from the Bitcoin digital currency, it is now being utilized for other areas – such as distributing pieces of data throughout a network of decentralized computers to make access to the complete data difficult for hackers to obtain.
“Today we use a centralized system in which all of the pieces of the data are in one location, so if hacked, the hacker would have all the data pieces in one location,” said Mundia.
He described an example given by the speaker focused on body-worn cameras utilized by law enforcement. Today, the storage and integrity of the data can come into question as the data is shared with many parties involved with the court process – including lawyers, prosecutors, judges, etc.
“If governments began using Blockchain technology – one system that everything feeds into – we would have transient trust between the entities needing the data and would not have to reproduce and store it in multiple locations, ensuring its integrity.”
Many believe Blockchain is a genesis transaction that builds on itself, and is distributed through millions of servers around the world – making the hacking of this data impossible as they would need to change not just one instance, but millions of instances of the data on various servers.
“We need to keep our eyes on this technology for use in the local government arena,” said Mundia. “It may require new policies, procedures and standards are created, but this is so with any new technology introduction.”
For more information on cyber security resources available to members through VMLIP, visit the YourCISO information page here.