Securing California: One Local Jurisdiction's First Steps

Securing IT infrastructure is essential at every level of government. At the California Technology Forum on Tuesday, several representatives of California residents discussed security strategies.

The chief information security officer for the city of Stockton, Nathan Scully, discussed several steps the city has taken since he came on in May. The city has:

• Purchased the same kinds of signature files and industry products as larger shops. 
• Purchased an insurance policy that becomes a penetration test if not brought in after an attack. “They get their money up front, but if you are carrying the risk like I am, at least I have that umbrella of insurance. I have help, contracted help. In the meantime, if nothing does happen, I can reuse that money for an attack and pen test,” Scully said.
• Begun looking for a strategic solution that fits the organization. “Find that fingerprint that’s going to be that right investment,” Scully said.
• Looked for larger partners in the industry. “Networking is going to be one of the things that is very valuable,” Scully said, “talking together about what is happening and how we dealt with it.”

When Stockton experienced a malware phishing attack, the administration shut down everything coming through the email filter and restored things by using backup records.

This story was originally published by Techwire.