San Joaquin County Grand Jury
• 2021-2022
• Agency Response
June 16, 2022, regarding*
⚠️ Translation Notice: This content has been automatically translated. The original English text is the official version. Translation may contain errors.
⚠️ Este contenido ha sido traducido automáticamente. El texto original en inglés es la versión oficial. La traducción puede contener errores.
Note: Missing finding numbers detected: F3, F6
Findings and Recommendations 4 findings
F2
Notify City Attorney's Office Notify the City Council
Related Recommendations (1)
R2
Notify City Attorney's Office Notify the City Council
F4
Contact appropriate Federal and State Law Enforcement agencies.
Related Recommendations (1)
R4
Contact appropriate Federal and State Law Enforcement agencies.
F5
Contact Cyber Insurance Provider If the attackers demand payment to recover files or to refrain from disseminating captured files to the public or by any other means tarnish the reputation or disrupt city operations, then the City Manager or designee in consultation with the stakeholders mentioned above will decide, based on the information and circumstances available, on what the appropriate response is to get the best outcome for the City. RESPONSIBILITIES Director of Information Technology Notify the City Manager's and the City Attorney's Offices Notify the appropriate Federal and State law enforcement agencies ٠ Contact the City's Cyber Insurance provider Provide situational updates to the City Manager . City Manager Notify the City Council In consultation with stakeholders, formulate the ransomware response plan. • City Council Provide the City Manager with the authority to enact the ransomware response plan. • ATTACHMENT C City Attorney Consult with City Manager and City Council on legal aspects of ransomware response. . Work with Public Information Officer and law enforcement on press releases.
Related Recommendations (1)
R5
Contact Cyber Insurance Provider If the attackers demand payment to recover files or to refrain from disseminating captured files to the public or by any other means tarnish the reputation or disrupt city operations, then the City Manager or designee in consultation with the stakeholders mentioned above will decide, based on the information and circumstances available, on what the appropriate response is to get the best outcome for the City. RESPONSIBILITIES Director of Information Technology Notify the City Manager's and the City Attorney's Offices Notify the appropriate Federal and State law enforcement agencies ٠ Contact the City's Cyber Insurance provider Provide situational updates to the City Manager . City Manager Notify the City Council In consultation with stakeholders, formulate the ransomware response plan. • City Council Provide the City Manager with the authority to enact the ransomware response plan. • ATTACHMENT C City Attorney Consult with City Manager and City Council on legal aspects of ransomware response. . Work with Public Information Officer and law enforcement on press releases.
F7
1 or procedures in ransomware attacks. This absence of policy could cause confusion, delay and greater loss of security in the event of an attack. RESPONSE: The City agrees with this finding. Honorable Michael D. Coughlan, Presiding Judge September 14, 2022
Related Recommendations (1)
R7
1 By November 1, 2022, the Stockton City Council, in conjunction with the City's IT department, develop, adopt and implement a formal internal policy and procedure for response to a ransomware attack. RESPONSE: A formal internal policy and procedure for response to a ransomware attack was approved by the City Manager on September 1, 2022, and presented to the City Council at its September 13, 2022 public meeting. The approved policy is attached. CITY MANAGER
* This report's PDF did not contain easily extractable text and required Optical Character Recognition (OCR) for analysis. There may be minor errors in the extracted findings and recommendations due to OCR limitations with scanned documents.