Marin County Grand Jury
• 2024-2025
• Agency Response
Response to:
Cyberattacks: A Growing Threat to Marin Government
Response to Grand Jury Report Form Town of Tiburon Report Title: Cyberattacks-A Growing Threat to Marin Government
⚠️ Aviso de traducción: Este contenido ha sido traducido automáticamente. El texto original en inglés es la versión oficial. La traducción puede contener errores.
⚠️ Este contenido ha sido traducido automáticamente. El texto original en inglés es la versión oficial. La traducción puede contener errores.
Findings and Recommendations 8 findings
F3
Transparency is lacking regarding cybersecurity because past breaches have not been publicly disclosed, and city and town councils have not facilitated public discussion of cybersecurity issues. Response- Agree
No recommendations for this finding
F4
Most elected officials in Marin’s cities and towns are not sufficiently engaged in ensuring robust cybersecurity policies and procedures are in place. Response- Disagree partially. This is a very broad statement, and it would be difficult for the Town of Tiburon to assess the relative engagement level on this subject of all the elected officials in Marin.
Related Recommendations (1)
R4
Starting in fiscal year 2020–2021, the county board of supervisors and the city and town councils should request their managers report, at least annually, regarding their cybersecurity profile and any measures being taken to improve it. Response- This recommendation has not been implemented but will be implemented in the future.
F5
County and municipal officials and managers have been generally unaware of breaches that have occurred outside their own agencies in Marin and therefore have not felt the need to collaborate on measures to improve cybersecurity. Response- Disagree partially. Although we may not have been aware of all breaches outside of our agency, the Town has participated for many years in utilizing the MIDAS network system, and the issue has been discussed several times at meetings of the Marin Managers Association (MMA).
Related Recommendations (1)
R5
Starting in fiscal year 2020–2021, the county, cities, and towns should convene periodic discussions, at least annually, in a public forum such as a board or council meeting, regarding the importance of good cybersecurity practices for our government, residents, and other organizations. Response- This recommendation has not been implemented but will be implemented in the future. Beginning in October 2020, the County of Marin will host a NCSAM event open to the public focused on cybersecurity. As a member of the recently formed Marin Information Security Collaboration (MISC), the Town of Tiburon will assist in promoting this event to our residents
F6
Municipalities have been lax in following FBI guidance that cybersecurity breaches be reported to federal law enforcement. Response- Disagree partially. As noted in the report, the Town of Tiburon experienced a ransomware attack in 2019 which was not reported to the FBI. However, the Town has no knowledge regarding the practices of other agencies with regards to FBI reporting.
Related Recommendations (1)
R6
The county and each city and town should adopt a policy to report to federal law enforcement any cybersecurity intrusion that results in financial fraud or unauthorized disclosure of information and make that intrusion public. Response- This recommendation has not been implemented but will be implemented in the future. The County of Marin has access to existing security policy templates developed in coordination with the California Counties Information Service Directors Association (CCISDA). These templates will be shared with the MISC and the Town of Tiburon and will be included in the development of a town policy.
F7
Marin’s cities and towns have not made a concerted effort to standardize around a common set of best practices with respect to cybersecurity. Response- Disagree partially. The Town agrees more can be done to standardize and coordinate efforts around cybersecurity. However, most of the cities/towns in Marin, including Tiburon, have for many years participated in the MIDAS network system and have benefited from the shared security protocols built into that system.
Related Recommendations (1)
R7
of the date of this report, cities and towns should implement the first four practices described in the Best Practices section of this report, regarding mandatory user training, email flagging and filtering, password management, and backup. Response- This recommendation has been partially implemented. Recommended practices 2 (email flagging/filtering), and 4 (daily backups) have already been implemented. Practices 1(mandatory user training) and 3 (password management) will be reviewed in Fiscal Year 20-21 to determine the feasibility of implementation.
F8
The Marin County Council of Mayors & Councilmembers has not made cybersecurity a priority, which has minimized the awareness and engagement of elected officials in cybersecurity matters. Response- Disagree partially. The Town of Tiburon agrees cybersecurity has not been a priority issue for MCCMC, however, it would be impossible for us to determine whether this has minimized awareness and engagement of elected officials.
Related Recommendations (1)
R8
In fiscal year 2020–2021, cities and towns should complete an analysis of the feasibility of implementing the remainder of the practices described in the Best Practices section of this report. Response- This recommendation has been partially implemented. Automated malware detection, monitoring and removal system has been implemented, and the Town has partially implemented recommendations related to the use of expert resources, firewalls, routine hardware replacement and patching. Recommendations requiring additional study include management of mobile devices, documentation and vulnerability assessments.
F9
RECOMMENDATIONS Recommendations numbered _NA__ have been implemented. Recommendations numbered: _R4,R5,R6 and R9_ have not yet been implemented but will be implemented in the future. Recommendations numbered __R7, R8_ have been partially implemented, and remaining parts will be implemented in the future Recommendations numbered: _NA_ require further analysis. Recommendations numbered: __NA___ will not be implemented because they are not warranted or are not reasonable. Date: August 5, 2020 Signed: ___________________________________ Number of pages attached: 4 Office of the Town Manager Town of Tiburon August 5, 2020 The Honorable Andrew Sweet Lucy Dilworth, Foreperson Presiding Judge of the Marin County Marin County Civil Grand Jury Superior Court 3501 Civic Center Drive, Room 275 Post Office Box 4988 San Rafael, CA 94903 San Rafael, CA 94913-4988 Re: Response to Grand Jury Report Cyberattacks-A Growing Threat to Marin Government Dear Honorable Judge Sweet and Foreperson Dilworth: This letter explains in detail the Town of Tiburon’s response to the Civil Grand Jury Report dated May 11, 2020 (Cyberattacks-A Growing Threat to Marin Government). The Report directs the Town to respond to Findings F3-F10 and
Related Recommendations (1)
R9
In fiscal year 2020–2021, cities and towns should, through the Marin Managers Association, complete an analysis of the feasibility of contracting with a cybersecurity expert to be available to cities and towns on a shared basis, in order to raise the overall level of cybersecurity in Marin’s cities and towns. Response- This recommendation has not been implemented but will be implemented in the future. The Tiburon Town Manager will work with his MMA colleagues to discuss the feasibility of this recommendation in Fiscal Year 2020-21 Sincerely, Greg Chanis Town Manager
F10
Various low-cost best practices exist that could, if implemented, significantly improve the cybersecurity posture of Marin’s cities and towns. Response- Agree
No recommendations for this finding