02/28/2022 | News release | Distributed by Public on 02/28/2022 08:49
With government agencies under siege by cyber attackers, Oklahoma is one state that's aggressively pushing back. Its response: an overhauled cybersecurity infrastructure, a significantly expanded security team and a growing collaboration with a wide range of peers facing similar challenges.
Governments have proved to be irresistible targets for cyberattacks because of their extensive databases of personal information on citizens, their control over vital services and infrastructure, and their often outdated IT and security systems. In a recent Mimecast survey, for example, nearly 85% of U.S. public sector security professionals said ransomware had impacted their operations in 2021.
To turn the tide in Oklahoma, the state's Office of Management and Enterprise Services (OMES) appointed Matt Singleton as its first chief information security officer in 2019. The timing was good; the start of the pandemic in 2020 forced fundamental changes to the way the state government operated - with suddenly remote workers delivering new and critical services to affected citizens who could only access them online.
The state is now almost three years into an overhaul of its cybersecurity infrastructure. OMES Cyber Command has put the basic systems in place to "serve and protect" an attack surface of over 30,000 state employees in dozens of state agencies that serve nearly 4 million citizens in coordination with hundreds of cities, towns, school districts and other local government counterparts.[1]
At this point, OMES Cyber Command is holding its own against an average of 61.5 million cybersecurity-related events each day. What was once a small, underequipped department working manually can now stand strong against these threats and focus on more strategic objectives.
As cyberthreats continue to grow and change, one such objective is to keep maturing the foundation OMES Cyber Command has built to preserve security in support of a productive, hybrid workforce and open access to government services. Its other aim is to create a collaborative network with local municipalities, businesses and surrounding states that face similar challenges.
OMES Cyber Command leaders have embraced the maxim that cybersecurity requires a strategic deployment of people, technology and processes. Its security transformation has included:
"That allows us to focus on actual threats instead of fixing interconnection errors from applications that don't talk to each other," said John Tipsword, OMES' manager of cyber defense operations. "We can focus on the work, not the tools."
Another maxim OMES Cyber Command has embraced is that "cybersecurity is a team sport now," said Chance Grubb, Cyber Command senior staff officer and OK-ISAC lead. "Bad guys are always working together, so why can't the good guys work together?"
This team spirit spurred the state government in late 2020 to launch the Oklahoma Information Sharing and Analysis Center (OK-ISAC), a threat-sharing community of private and public sector members.[3] OMES Cyber Command leaders say they stand ready to help any organization in Oklahoma that is breached. Meanwhile, OK-ISAC is also helping to raise cybersecurity knowledge levels, strategic planning and real-time response capabilities statewide.
In addition, OMES Cyber Command is collaborating with governments and threat-sharing communities in surrounding states, exchanging threat intel, best practices and lessons learned. Running in the background on its email security platform is a threat intelligence feed that Mimecast constantly updates from across states and beyond. If California gets attacked by a previously unknown exploit, for example, Oklahoma can see it in near-real time and begin planning its defense.
Oklahoma is among the many states buffeted by cyberattacks, but it is taking aggressive steps to ensure a highly secure, productive and citizen-friendly state government profile. Its strategy has involved overhauling its Cyber Command with significant improvements to its people, technology and processes. Another key move is a collaboration across Oklahoma and beyond to build cybersecurity strength in numbers.
[1] "Oklahoma OMES Cyber Command," Oklahoma Office of Management & Enterprise Services
[2] "State of Oklahoma Deploys CrowdStrike to Defend Thousands of Endpoints Against Daily Threats," CrowdStrike
[3] "Event Recap: Inaugural OK-ISAC Symposium," Oklahoma Office of Management & Enterprise Services