Governments at the state and local level must collect a wide range of data; it’s an integral part of the business of governing. And protecting that data from theft is a serious undertaking. Given the sensitive nature of the data being held, implementing an aggressive cybersecurity framework is critical to thwarting cyberattacks and maintaining public trust.
In Jefferson County, Colo., CISO Jill Fraser is charged with protecting the data of more than a half-million citizens. Information security at the level of local government can be a daunting challenge, she says.
“I argue it is harder than nearly any other industry. Unlike private sector business, which tends to have a single business focus, local governments have several lines of business, which means our organizations have multiple business priorities,” she says.
The nature of the data presents additional difficulty. “Local governments provide services related to public safety — police, fire, sheriff — and maintain significant amounts of sensitive data,” she explains.
When it came time to upgrade and secure the county’s network architecture, previously built using VMware vShield, Jefferson County Enterprise IT Services identified several key criteria, the most important of which was their desire to implement a zero-trust network model.
“We also decided that vendor lock-in was something we would avoid. If we wanted to change hardware or software vendors in the future, the network solution we chose would neeJeffd to support that,” Fraser says.
The threat of citizen data theft is real, but Fraser is confident that local governments can rise to the challenge.
“I believe locals are poised to be the leaders in government security. We have much supporting our ability to significantly mature our security posture,” Fraser says.
“Local governments are filled with personnel who genuinely and deeply care about the work they are doing. By training our workforce on security practices, local governments can turn a security team of none into a security team of hundreds or thousands,” she says.
Excerpt of StateTech article, “Three CISOs Weigh in on the Battle for Citizen Data Privacy,” published July 16, 2018, by Jacquelyn Bengfort. See the full article on the StateTech website >>