Marin County Grand Jury
• 2024-2025
• Agency Response
Response to:
Marin's Telecommunications Disconnect
Office of the County Administrator County of Marin July 21, 2020 Matthew H. Hymel County Administrator JUL 2 1 2020*
⚠️ Aviso de traducción: Este contenido ha sido traducido automáticamente. El texto original en inglés es la versión oficial. La traducción puede contener errores.
⚠️ Este contenido ha sido traducido automáticamente. El texto original en inglés es la versión oficial. La traducción puede contener errores.
Findings and Recommendations 2 findings
F1
The Marin County government has a well-developed approach to cybersecurity in general, and a robust architecture and strategy for avoiding breaches. Response: Agree As highlighted in the grand jury report, the County of Marin has a Chief Information Security Officer who oversees the County's Information Security Program within the Department of Information Services and Technology (IST). The program is supported by a dedicated information security team with an emphasis on employee education and awareness, in addition to managing technical security systems. In 2019, Marin County IST's program called "People at the Heart of Information Security" received a challenge award from the California State Association of Counties (CSAC).
Related Recommendations (1)
R1
of the date of this report, the Marin County Information Services and Technology Department should create an ongoing program to share user education information, other cybersecurity practices, and updates with cities and towns. The recommendation has not yet been implemented, but will be implemented in the future. The County conducted an initial meeting of city and towns stakeholders May 22, 2020 to discuss the creation of an ongoing cybersecurity information sharing program. By July 31, 2020, the County will share its monthly information security newsletters to all of Marin's cities and towns for distribution to their employees. Other cybersecurity best practices and updates will be shared on an ongoing basis.
F2
The Marin County government has substantial cybersecurity expertise and, as the host and manager of the MIDAS system, is well positioned to assist the cities and towns in developing a common set of best practices regarding cybersecurity. Response: Agree The County is well positioned given its existing relationships with MIDAS members to share best practices regarding cybersecurity that can be implemented by the cities and towns. RESPONSE TO GRAND JURY RECOMMENDATIONS The Marin County Civil Grand Jury recommends the following:
Related Recommendations (1)
R2
of the date of this report, the Marin County Information Services and Technology Department should complete a plan for enhancing MIDAS to improve cybersecurity for its users. The recommendation has not yet been implemented, but will be implemented in the future. County of Marin Response to Grand Jury Findings and Recommendations . 1 ---- County of Marin Response to Grand Jury Report Findings and Recommendations "Cyberattacks: A Growing Threat to Marin Government" (May 11, 2020) The County had already begun re-architecture of the security infrastructure for MIDAS - the network shared among members, not each member's internal network. This enhancement includes new hardware that provides a menu of security features that can be requested and implemented to meet each member's needs. Installation of the new hardware will be completed
* This report's PDF did not contain easily extractable text and required Optical Character Recognition (OCR) for analysis. There may be minor errors in the extracted findings and recommendations due to OCR limitations with scanned documents.