Cybersecurity Management Program, Emerald Coast Utilities Authority


Emerald Coast Utilities, a provider of water, wastewater and sanitation services in Pensacola, Florida, recently created a security analyst position and launched a cybersecurity management program designed to raise cybersecurity awareness among employees, improve systems and implement new protection mechanisms. The program, known as Securing the Sector, has dramatically reduced the rate of employee clicks on phishing emails, reduced the area of ​​government attacks, and ensured that technology systems are patched and updated on time.

Better training for employee safety has reduced the government’s clickthrough rate from 25% to 2.5%. Linking Active Directory user accounts with current employees reduced the number of active accounts from 680 to 495, reducing the risk of compromising unused accounts. Patch and update rates for servers and computers are now above 95%. In addition, the government disconnected all operating technology systems from the Internet.

The government offers these recommendations for other districts that want to replicate their success: – Clearly identify critical data center connections that must be severed in the event of a cybersecurity breach. The government marks this connection with orange “panic flags” and all members of the IT department know how to break them. – Implement group policies that prevent executable files from running in temporary space on employees’ computers. – Delay data replication to off-site file servers. The authority is delaying this replication for several hours to detect and stop ransomware attackers’ efforts to encrypt file backup server data. – Monitor the deletion of shadow copies from the file server. Shadow copies, which help organizations quickly recover file server data, are among the first targets of ransomware attacks. Authorities have created a daily report to monitor the status of all shadow copies. All deleted files are immediately investigated by a server technician.

Comments are closed.