Cybersecurity Division Background

MISSION

The mission of the cybersecurity division is to support the governance of information and technology thereby effectively aligning cybersecurity objectives with the City strategy and provide guidance on managing cyber risks such that City leadership can make informed decisions and allocate resources appropriately.  Governance of information and technology ensures technology brings value to the organization and that cyber risks are known and mitigated.

SERVICES PROVIDED

The Cybersecurity Division was formed to identify and provide recommendations for the remediation of cyber risks that would impede the City's ability to meet its mission and uphold the core values of the City.  The division focuses on the concept of shared responsibility to achieve mission and goal alignment between IT, Cybersecurity, and City departments, establishes IT-business fusion, and emphasizes that cyber risk is organization risk.  The division recognizes the potential impact to City operations if cyber risks are not mitigated and focuses on three key areas: governance of Information and Technology, cyber risk management, and compliance.

Governance of Information and Technology

The Cybersecurity Division facilitates the establishment of governance framework and leads the effort to engage City departments. Governance of information and technology is concerned with value delivery from digital transformation and the mitigation of business risk that results from digital transformation.  To achieve this requires a coordinated collaboration between the Cybersecurity Division, IT Division, and City departments. Repeatable processes lead to consistency which provides operational efficiency mitigating the risk that IT services are not fit for purpose.

Cyber Risk Management

The Cybersecurity Division monitors cyber risks by maintaining situational awareness within the City and the current threat landscape.  For the City to meet its mission, it is vital for the City to be resilient and agile in responding to cyber risks. The Cybersecurity Division provides cyber risk remediation recommendation for City departments and divisions while communicating cyber risks in terms of impact on City operations.

Compliance

The Cybersecurity Division assess the current compliance status of various standards and requirements for Departments and Divisions, providing assurance, transparency, accountability, and evidence of compliance.

ACCOMPLISHMENTS

• The Cybersecurity Division is a new division within the Administrative Services Department and was established in December of 2020.
• Rolled out citywide cybersecurity awareness program. Staff are the first and last line of defense against cyber threats therefore it is important to ensure that staff are trained on how to avoid those cyber threats.
• Assessed the current state of the Information Technology Division. Assessment included: City Manager - IT Manager Alignment, IT Business Vision, End User Satisfaction, IT Staffing, Security Business Satisfaction & Alignment, and Security Governance and Management.
• Delivered critical and necessary cybersecurity and application training.
  Met with each department and division head to gain an understanding of their needs and how cybersecurity could best serve those needs. 

GOALS

• Develop and implement a cybersecurity strategic plan.
• Collaborate on the development, implementation, and alignment with the Information Technology strategic plan.
• Perform and document current state of cybersecurity for the City.
• Determine the gap between the current state of cybersecurity and industry standards.
• Develop a remediation plan to align cybersecurity activities with industry standards in a way that support the City's overall mission and core values.
• Implement a means to track the current compliance posture with applicable compliance standards and requirements.
• Perform vulnerability assessments against City systems to determine what vulnerabilities exist and provide the Information Technology division with a remediation plan.
• Deploy multi-factor authentication. This is a top control in minimizing many of today's cyber risks.
• Research and propose monitoring solutions to include privileged access management, security information and event management (SIEM), threat hunting, and system monitoring.