The chief information security officer for the city of Stockton, Nathan Scully, discussed several steps the city has taken since he came on in May. The city has:
- Purchased the same kinds of signature files and industry products as larger shops.
- Purchased an insurance policy that becomes a penetration test if not brought in after an attack. “They get their money up front, but if you are carrying the risk like I am, at least I have that umbrella of insurance. I have help, contracted help. In the meantime, if nothing does happen, I can reuse that money for an attack and pen test,” Scully said.
- Begun looking for a strategic solution that fits the organization. “Find that fingerprint that’s going to be that right investment,” Scully said.
- Looked for larger partners in the industry. “Networking is going to be one of the things that is very valuable,” Scully said, “talking together about what is happening and how we dealt with it.”