73rd AnnualTexas Association

of County Auditors Fall Conference

Holiday Inn San Antonio RiverwalkSan Antonio, Texas

October 16-19, 2018

AnniversarySAN ANTONIO

300

DE BÉJAR

th

Welcome to the River City

IT Cybersecurity for Counties

Wednesday, October 17

1:05-1:55 p.m.

Michael Cheng, Head of Information Security, Bexar County

This session will introduce an effective framework to quickly improve counties'

cybersecurity posture.

Michael Cheng, Head of Information Security, Bexar County, San Antonio Cheng joined Bexar County Information Technology as the head of information security in June 2018. He is responsible for establishing and maintaining vision, strategy, and program to ensure Bexar County information assets and technologies are adequately protected. Prior to current position, Cheng was Chief Information Security Officer at Aviage Systems, one of GE Aviation’s

joint ventures.

1

October, 2018

CYBERSECURITY AT COUNTIES

7/27/17 1

AGENDA

10/10/2018 2

Major Cybersecurity Threats

Challenges

Quick Wins and Long Term Strategy

2

MAJOR CYBERSECURITY THREATS

10/10/2018 3

10/10/2018 4

3

THREATS TO STATES/COUNTIES/CITIES

10/10/2018 5

WE ARE TARGETED

10/10/2018 6

Government agencies are ranked #7 sectors in Americas, experiencing most cyber-attacks and

system compromises in 2017

4

THINGS ARE AT RISK

10/10/2018 7

Election Systems & Election Information

Criminal Justice Information (CJI) & Criminal History Record Information (CHRI)

Personal Identified Information (PII)

Personal Medical Information

Payment Card Data

Government Secrets

“2018 Data Breach Investigation Report” by Verizon

POSSIBLE ENTRY POINTS

10/10/2018 8

Phishing Emails

System Vulnerabilities

Incorrect Configurations

Third Parties

5

CHALLENGES

10/10/2018 9

CHALLENGES COUNTIES ARE COMMONLY FACING

Out-of-date IT Infrastructure

Over-used Privileged Accounts

Lack of Boundary Defense

Ignorance of Security Incidents

…

10/10/2018 10

We are extremely vulnerable

6

QUICK WINS AND LONG TERM STRATEGY

10/10/2018 11

THINGS TO QUICKLY ENHANCE CYBERSECURITY

Asset Management Inventory and control of hardware devices

Inventory and control of software

Control security configurations of hardware and software

Access Control Control of Privileged Accounts

Vulnerability Management Continuous vulnerability management

Security Monitoring Maintenance, Monitoring and Analysis of Audit Logs

10/10/2018 12

7

RESOURCES TO LEVERAGE

10/10/2018 13

MS-ISAC (https://www.cisecurity.org/ms-isac/)

DHS

Texas DIR contracts and services

LONG TERM STRATEGY

10/10/2018 14

Establish Cybersecurity Program

Adopt Mature Cybersecurity Framework, CIS Top 20 Controls, NIST, etc.

Transform IT Infrastructure, cloud based

8

THANKS

10/10/2018 15

Michael Cheng – Head of Information Security @ Bexar County, michael.cheng@bexar.org, 210-335-0208

Free Lined Graph Paper from http://incompetech.com/graphpaper/lined/

Free Lined Graph Paper from http://incompetech.com/graphpaper/lined/