Warning: mysql_real_escape_string(): Access denied for user 'root'@'localhost' (using password: NO) in /home/justinfl/public_html/larrygonzales.com/wp-content/plugins/statpress/statpress.php on line 1191

Warning: mysql_real_escape_string(): A link to the server could not be established in /home/justinfl/public_html/larrygonzales.com/wp-content/plugins/statpress/statpress.php on line 1191

Warning: mysql_real_escape_string(): Access denied for user 'root'@'localhost' (using password: NO) in /home/justinfl/public_html/larrygonzales.com/wp-content/plugins/statpress/statpress.php on line 1194

Warning: mysql_real_escape_string(): A link to the server could not be established in /home/justinfl/public_html/larrygonzales.com/wp-content/plugins/statpress/statpress.php on line 1194

Warning: mysql_real_escape_string(): Access denied for user 'root'@'localhost' (using password: NO) in /home/justinfl/public_html/larrygonzales.com/wp-content/plugins/statpress/statpress.php on line 1197

Warning: mysql_real_escape_string(): A link to the server could not be established in /home/justinfl/public_html/larrygonzales.com/wp-content/plugins/statpress/statpress.php on line 1197
Larry Gonzales, Our Texas State Representative, District 52 » Hackers and Government Systems

Hackers and Government Systems

(The following are notes from an NCSL session about keeping government systems secure from hackers. It was presented to IT staff and CyberSecurity personnel from a security expert. So, the information is presented from an angle of “you guys are responsible for securing your government systems, here’s what to consider.”)

Moderator: Joel Redding, Legislative Research Commission Kentucky

Speaker: Jerry Gamblin, Information Services Division, House of Representatives, Missouri

“If you spend more on printer ink than on IT security, you will be hacked. What’s more, you deserve to be hacked.” – Richard Clarke, White House CyberSecurity Advisor

 

www.jerrygamblin.com

 

Legislators say:

  • Too busy for security
  • I have nothing to hide
  • Hate to be embarrassed

Hackers:

  • They have plenty of time
  • “I have nothing to hide” is a challenge to them
  • Love to embarrass people

Close to 500 US House staffers recently had their email passwords hacked

 Security Awareness

  • Social Media used correctly; must configure Facebook and Twitter correctly
  • Long password policy; over 10 characters;
  • Hackers with machines to break a password with 2,000,000 guesses a second
  • Password “reuse.” Use different passwords on all your accounts (social media, bank, official)
  • $31 billion in lost cell phones a year
  • SSN theft moves into a personal realm; staffers have this when they help with casework;

Improve security infrastructure

  • 97% of hacks NOT Windows;
  • The entry point is PDF, JAVA, Flash
  • Update Adobe

Update firewall

  • “Next Generation Firewalls” updates

 Remote Access

  • If not set up with a secure ability, users will use Dropbox and other non-secure programs
  • Have to use and allow for remote access

 Website auditing

  • Have someone try and hack your website
  • These are called “white hat” hackers for hire
  • Most big computer companies provide this service (Dell, HP, Apple, etc.); lots of options

 Responsibility

  • Whose responsibility is it to safeguard government systems? Does not matter – once it’s done, it’s done, regardless of who gets blame; damage is done

Time

  • Having a secure system is a long term goal
  • Invest money over the long haul
  • Brand new system not worth having if it’s not secure

Must have “buy-in” from leadership to be able to move forward on funding the most secure system possible; it is expensive, but necessary; explain it to them so they know WHY they need to pay for it;

“security is a team”

No silver bullet

 

 

Share this post:

Leave a Reply

You must be logged in to post a comment.

Subscribe to our campaign e-mail updates!