Priya Patel
TLDR:
- The final legislative report on the 2022 ransomware attack in Suffolk County highlighted missed warnings and security deficiencies dating back to 2017.
- Suffolk County is taking steps to improve cybersecurity, such as hiring a chief information security officer, doubling the computer security staff, and scheduling a penetration test.
Article Summary:
The final legislative report on the 2022 ransomware attack in Suffolk County revealed a series of missed warnings and security deficiencies that could have potentially prevented the intrusion. The report emphasized the need for the county to enhance its cybersecurity measures, including hiring a chief information security officer, increasing the computer security staff, and conducting a penetration test.
County Executive Ed Romaine acknowledged the past failures and highlighted the progress being made in addressing the cybersecurity issues. Romaine mentioned that a chief information security officer has been hired and will be starting soon, alongside plans to employ a “virtual CISO” to enhance computer security. The county is also striving to secure cybersecurity insurance by the end of the year.
The legislative report recommended that the county’s various computer tech teams work closely together and collaborate effectively. Additionally, it suggested hiring an experienced chief information security officer to lead a cross-county cyber incident response and recovery team. The need for a comprehensive response and recovery plan, as well as securing cyber breach insurance, was also stressed in the report.
Despite the costs incurred by the cyberattack, with estimates ranging from $5.8 million to over $25 million, the focus remains on implementing the necessary measures to prevent future incidents. Former acting Deputy U.S. Attorney General Richard Donoghue expressed hope that the county would heed the committee’s warnings and take proactive steps to enhance cybersecurity.
While challenges remain, Suffolk County is working towards fortifying its systems and improving readiness to counter cyber threats in the future.
