04/16/2024 - Additional Doc-IT Dept. 2024 UpdateATCHFO
ING SEQUENCE
re
fif5TEVA
RDA
z
Jq R
IT DEPARTMENT 2023-2024 HIGHLIGHTS
m
Washington State Auditor's Office
Critical Infrastructure Audit
Port Orchard earned a perfect score on a
critical infrastructure audit conducted by
the Washington State Auditor's office.
This accomplishment signifies the
exceptional resilience and security of our
city's critical infrastructure, our
cybersecurity posture and user training
programs, and the commitment to
safeguarding critical systems and data.
IT DEPARTMENT 2023-2024 HIGHLIGHTS
m
Washington State Auditor's Office
Critical Infrastructure Audit
What is a Critical Infrastructure Audit?
This rigorous evaluation assesses the safeguards
in place to protect vital internal and public
systems, including:
• City Networking and Communications
• Devices and Endpoints
• Personally Identifiable Information (PII)
• Financial Records and Information
• Public Utilities
• Emergency Response Services and CAS
• Emergency Operations Center (EOC)
IT DEPARTMENT 2023-2024 HIGHLIGHTS
m
Washington State Patrol
CJIS Audit
Port Orchard also secured a perfect score
on its recent Criminal Justice Information
Services (CJIS) audit by the Washington
State Patrol Technology Division. This
rigorous assessment evaluates a city's
compliance with GIS standards for
safeguarding sensitive criminal justice
data and is required by state law every 3
yea rs.
IT DEPARTMENT 2023-2024 HIGHLIGHTS
m
Washington State Patrol
CJIS Audit
What is a CJIS Audit?
A CJIS audit is an inspection conducted to ensure
a criminal justice agency's compliance with the
FBI's Criminal Justice Information Services (CJIS)
Security Policy. This policy outlines the standards
for how agencies should handle Criminal Justice
Information (CJI).
IT DEPARTMENT 2023-2024 HIGHLIGHTS
m
Washington State Patrol
CJIS Audit
CJI refers to a broad range of sensitive data,
including:
• Biometric data: Fingerprints, DNA
• Identity history: Criminal records, arrest
wa rra nts
• Biographic data: Names, addresses, dates of
birth
• Property data: Stolen vehicles, recovered
weapons
• Case/incident history: Details of crimes and
investigations
IT DEPARTMENT 2023-2024 HIGHLIGHTS
A Perfect Score: What it Means
Earning perfect scores reflects our commitment to
safeguarding these essential systems. It
demonstrates that we have implemented strong
security measures to address potential threats and
ensure their continued functionality.
A Continuing Commitment
While these achievements are commendable, our
dedication to infrastructure security remains
constant. We will continue to collaborate with the
State Auditor's Office and Washington State Patrol
to leverage best practices in maintaining the
highest standards of protection.
IT DEPARTMENT 2023-2024 HIGHLIGHTS
FY22 State and Local Cybersecurity
Grant Program (SLCGP)
In 2023, Port Orchard submitted a
proposal, and was awarded a grant from
the DHS/FEMA FY 22 SLCGP funded
program in the amount of $36,450 for our
project proposal, "Cybersecurity: A Shared
Responsibility".
This project has been implemented, and
is at -85% completion, with funding to
be reimbursed. The project completion
date is expected to be early Summer
2024.
IT DEPARTMENT 2023-2024 HIGHLIGHTS
FY22 State and Local Cybersecurity
Grant Program (SLCGP)
Project Scope and Highlights:
• Conducting a security risk assessment to identify the
threats that our City is most likely to face.
• Selecting an MDR vendor and hardware/software
solution that meets the needs of the City and its
citizens (Critical Insight).
• Implement a 24x7 Managed Detection and Response
service, so limited staff and hours do not inhibit full
monitoring and prevention of data loss or
compromise.
• Implementation of more secure controls such as
MFA, increased endpoint security, and intrusion
detection/prevention.
IT DEPARTMENT 2023-2024 HIGHLIGHTS
FY23 State and Local Cybersecurity
Grant Program (SLCGP)
In 2024, Port Orchard will submit another
grant proposal for the DHS/FEMA FY23
SLCGP funded program for approximately
double the amount of our previous
proposal (N$68,000).
This will ensure continued funding of our
current efforts, and will add funding for
new networking hardware, security
software, immutable cloud archiving, and
staff training.
The proposal is due by May 10t", 2024.
IT DEPARTMENT 2023-2024 HIGHLIGHTS
m
POPD Technology and Security
Improvements
Thanks to the City Hall renovation, IT took
the opportunity to update and upgrade
many items in the Police area, including:
• Additional data ports throughout
• New networking hardware
• New monitors, wireless keyboards and
mice
• Docking stations for our Officers' new
Mobile Computer Terminals (MCTs)
from Kitsap 911
IT DEPARTMENT 2023-2024 HIGHLIGHTS
m
POPD Technology and Security
Improvements
Port Orchard IT Staff collaborated with
both Kitsap county, and Kitsap 911
(CENCOM) IT Departments to:
• Implement new software and
configurations for the new MCTs
• Create and deploy additional security
policies and measures
• Reconfigure and create new secure
network routes between all of the
entities' disparate networks
IT DEPARTMENT 2023-2024 HIGHLIGHTS
m
POPD Technology and Security
Improvements
Managed the installation of a new AXON
Interview room system, including:
• Two redundant video servers installed in the
City Hall server room
• Two cameras (one dome and one discrete)
• Two microphones
• A Touchscreen command controller outside the
room
Via the AXON Evidence.com cloud app, POPD
personnel can now securely view live or recorded
interviews through any POPD city devices,
including their mobile devices or tablets.
CI�B�RSE���t�TY
R..............
.........
LOCAE6%VERNMENTS
'-
Why it matters
• Our city holds a treasure trove of data - social security numbers,
financial records, criminal justice information, and more - making
us a prime target for cybercriminals.
• Compared to corporations, cities often have limited resources and
outdated systems, increasing vulnerability.
• Breaches can disrupt essential services, harm public safety, and
erode public trust.
Cybersecurity's role
• Protects critical data from breaches and ransomware attacks.
• Ensures smooth operation of government services citizens rely on.
• Builds public trust by demonstrating commitment to data security.
Strong cybersecurity is no longer optional for local governments. It is
essential to safeguard data, maintain operations, and keep our
FAR[) 0
information safe.
C
rV
L 0 c A E-i I,,
TY
MENTS
................::......... ........
Unfortunately, Local governments were prime targets for
ransomware attacks in 2023. Here's what we know:
Increased Frequency:
• Reports from the Center for Internet Security (CIS) and StateScoop
indicate a significant rise in ransomware incidents targeting state
and local governments compared to 2022.
• The figures suggest a jump of around 51 % in ransomware incidents
during the first eight months of 2023 alone.
Impact on Operations:
• A 2023 study by Sophos revealed that a staggering 69% of state
and local government organizations reported being hit by
ransomware in that year. This translates to a high possibility of
disruptions in critical services offered by these agencies.
Data Encryption:
• The Sophos study also found that data encryption, a hallmark of
ransomware attacks, was at its highest in three years within the
local government sector. This means a high chance of sensitive data
being locked by attackers unless a ransom is paid.
I Tr D E P..A-.-R.T,
MENT
While our team is small, the City of Port Orchard IT
Department is dedicated to providing exceptional
service and innovative solutions that empower our
city government and enhance the lives of our
residents. We are committed to excellence in all
areas, from maintaining secure and reliable
technology infrastructure to developing user-
friendly applications that streamline city services.
Through continuous learning, collaboration, and a
focus on innovation, we strive to be a leader in
municipal technology, ensuring our city thrives in
the ever -evolving digital age.
•
Ile
............ . .. . .. . .......... . ..
OR
c,m
11%
jr
I ir ■ 11 LiLijAhap
• • ■