title
Receive a presentation and consider adopting a resolution recognizing October 2019 as National Cybersecurity Awareness Month
body
Published Notice Required? Yes ____ No _X _
Public Hearing Required? Yes ____ No _X _
DEPARTMENTAL RECOMMENDATION:
The Department of Information Technology recommends that the Board of Supervisors receive a presentation and consider adopting a resolution recognizing October 2019 as National Cybersecurity Awareness Month.
SUMMARY:
National Cybersecurity Awareness Month is a nationwide effort held each October to raise awareness about the importance of cybersecurity. The U.S. Department of Homeland Security (DHS) leads the outreach effort, and has received support from other Federal, State, and local agencies, as well as industry partners and centers of research. For 2019, the DHS’ National Cybersecurity Awareness Month campaign is #BeCyberSmart, with a three-fold message of Own IT. Secure IT. Protect IT. Recognizing October as National Cybersecurity Awareness Month also complements the Board’s priority of addressing election security and will facilitate outreach to present a unified message to the general public. Additionally, the Department of Information Technology (DoIT) has begun offering cybersecurity awareness training to County employees, including an email phishing prevention campaign with the goal of encouraging changes in behavior necessary to secure and protect people’s digital lives.
FINANCIAL IMPACT:
The costs associated with preparing this agenda item and informational messaging are nominal and absorbed by the department’s FY2019/20 Adopted Budget. The costs associated with preparation and purchase of the resolution materials are included in the Board’s FY2019/20 Adopted Budget.
DISCUSSION:
For 2019, the DHS’ National Cybersecurity Awareness Month campaign is #BeCyberSmart, with a three-fold message of - Own IT. Secure IT. Protect IT. The Department of Information Technology (DoIT) will follow this messaging throughout the month, with posters and electronic communication directing employees and the public to short videos and trivia games prepared by the DHS.
As working remotely and “Bring Your Own Device” policies become more common, a personal device infected at home is no longer isolated from school, industry, or government networks. Continued enjoyment of digital tools is therefore predicated on personal accountability and each person adopting positive cybersecurity habits. When put into context, the inconvenience of choosing a complex password or locking a device when not in use becomes the welcome alternative to losing access to digital communication.
In recent times, ingenuity and invention have led to remarkable advancements in technology. In many cases, individual awareness has not kept pace with the speed of advancement. The Bureau of Labor Statistics projects an increasing skills gap, with the number of cybersecurity jobs increasing by 32% over the next decade. By adopting this resolution, the Board signals to all people the need to reassess behavior and develop skills to navigate their digital future.
In addition, this year, the Department of Information Technology (DoIT) has begun offering cybersecurity awareness training to County employees with the Registrar of Voters as the initial pilot for the training. This training is expected to be updated regularly and available on an annual basis for County employees to stay current on threats the County is likely to face. DoIT will also conduct an email phishing campaign to provide County personnel with a safe, simulated environment where they can learn about real phishing attempts including actual examples. Formal declaration of National Cybersecurity Awareness Month by the Board of Supervisors will facilitate awareness and outreach to present a unified message to employees and the general public.
Additional information on cybersecurity awareness can be obtained online at https://www.dhs.gov/be-cyber-smart <https://www.dhs.gov/be-cyber-smart> <https://www.dhs.gov/be-cyber-smart>.
The Solano County Library will also post the link on their webpage.
ALTERNATIVES:
The Board of Supervisors could choose not to receive the presentation and not adopt the attached resolution; however, this alternative is not recommended as adoption by the Board will signal the importance of developing positive, lasting cybersecurity habits.
OTHER AGENCY INVOLVEMENT:
There is no other agency involvement.
CAO RECOMMENDATION:
APPROVE DEPARTMENTAL RECOMMENDATION