Key to a Strong Cybersecurity Policy is an Educated Staff

Ken Miller, head of IT for Grayson County, Texas, explained that his county had been attacked previously, but due to his well-trained staff, the attacks were fruitless.

by Jerrie Whiteley, Herald Democrat, Sherman, Texas / April 12, 2016

(TNS) -- When U.S. Rep. John Ratcliffe held a field hearing of the congressional subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies in Sherman Thursday to talk about cyber security, some of the people who came to listen were very aware of the problems associated with protecting sensitive information from computerized attack.

Ken Miller, who is in charge of information technology at Grayson County, said he deals with cyber security on a daily basis.

“At least four hours of my day, five days a week is spent on monitoring threat levels,” Miller said Thursday. He explained cyber crime “is a very real thing that happens even in little old Grayson County.”

He said he spends about 95 percent of his budget on preventing cyber attacks.

“Just for the technology side of it, making sure that you have an infrastructure that protects the data as well as management,” he said.

Miller added that his staff spends a great deal of time training the county’s staff of more than 300 in what they do to protect the county’s sensitive information one keystroke at a time.

After hearing that some state agencies and counties in other states have required their workforce to complete online classes offered by Texas A&M Engineering Extension Services, Miller said he is thinking that would be a good thing for Grayson County and other local entities.

He said while he thinks everyone can benefit from education about when to open emails and when not to do so, he is very proud of the trainability of the staff of Grayson County.

“I have one the most intelligent user bases any IT director can have,” Miller said, adding that is not by accident. “My team puts out a lot of information. We educate as much as we can, but a basic cyber awareness for each and every person would go the distance.”

He said the county has been attacked in the past and they know they will be again. The key is being ready to respond to the attack.

“We have lost nothing as a result of it,” Miller said. “We have been able to mitigate the damage.”

Miller said the county is so well prepared for such cyber crimes because the elected officials who hold the purse strings have been willing to trust him when he tells them what is needed at budget time. He said even though many of them don’t understand what is needed in the way that he and his staff do, they know that the county is vulnerable and they work hard to make sure those vulnerabilities are mitigated to the best extent possible.

One way local entities mitigate that threat is to hire and retain well-trained staff. Grayson County Sheriff-elect Tom Watt said he was aware that Texas A&M Engineering Extension Services provided excellent training, but he was not aware of the degree of cyber-related training it offers.

Watt said having the hearing in Sherman helps to get the word out to other leaders about the kinds of training that are available for their current staff.

One problem with keeping trained individuals on staff at any level of government is the fact that people who are well trained in cyber security can get much better-paying jobs in the private sector.

Even the nation’s Homeland Security Department is having trouble recruiting and keeping employees well trained in cyber security. A recent story in the New York Times said that federal data shows that nearly 300 attacks were reported on critical infrastructure last year, which is up from under 200 attacks reported in 2012. The targets picked for those attacks varied widely from health care to manufacturing plants.

Ratcliffe said the government jobs might not be able to pay as well as some in the private sector so the government has to use everything it can to up the ante.

“We have those conversations in Washington too about attracting talent,” he said. “We have to do a good job of making sure that the federal government provides attractive opportunities, not necessarily always in terms of pay, but in terms of the experience and the credibility that they can carry forward.”

©2016 the Herald Democrat (Sherman, Texas) Distributed by Tribune Content Agency, LLC.