During a panel, moderator James Taylor, CEO of the Florida Technology Council, prefaced the discussion to panelists Jason Bertoch, network security lead for the Florida Digital Service; James Dobra, director of security solutions for HP Inc.; and Andy Olpin, senior solutions engineer for Lookout, Inc., that they would use ChatGPT to identify the top 10 cyber risks and share what they think.
According to ChatGPT, these risks are:
- Malware: malicious software used to disrupt, damage or gain unauthorized access to a computer system
- Phishing: the practice of sending fraudulent emails from a reputable source to convince individuals to reveal personal information, such as passwords
- Ransomware: malicious software designed to block users or organizations from accessing files on their computer in return for some form of payment
- Distributed denial of service (DDoS) attacks: the flooding of a server with traffic to prevent users from using a certain website or online services
- Insider threats: a cybersecurity risk or threat created by an authorized user to harm an organization’s network
- Zero-day vulnerabilities: an undiscovered system flaw with no defense or patch to protect against cyber threats
- Advanced Persistent Threats (APTs): a cyber attack that goes undetected for an extended period, allowing hackers to access sensitive information
- Internet of Things (IoT) vulnerabilities: from a cybersecurity perspective, IoT devices are vulnerable to attacks due to weak security measures
- Supply chain attacks: a specific type of cyber attack that targets less secure software or hardware within an organization’s supply chain
- Social engineering: manipulating an individual to access sensitive information or a computer system
“The No. 1 biggest threat is phishing,” Olpin said. “We’ve seen a lot of attackers start to pivot towards mobile devices because if I send you a phishing link to corporate email, I gotta get through 100 different security products, and even if I get through all the security products, everything’s logged and recorded. If I send you a text message, I typically have to go through zero security products, and whether you click on it or not, nobody’s got logs that it happened. It gives you a way to really target individuals.”
Another panelist echoed a similar message, saying that organizations aren’t directly hit with ransomware but are often sent a suspicious email first.
“Right out of the gate, you aren’t hit with ransomware. You’re hit with an email that has an attachment,” Dobra said. “There’s multiple stages to an attack. People can’t steal from inside your house until they’ve gotten inside.”
As for state government, Bertoch highlighted a different concern altogether.
“One of the challenges that we have is not having application mapping,” Bertoch said. “Maybe you have a server that’s targeted for doing an investigation; well, what is on that server? What data does that server have access to? What other servers does it talk to? In many cases, figuring that out on the fly introduces a lot of extra time, and the investigation really slows us down, so that’s definitely something that I’m pushing for.”
Regarding the state’s cyber landscape, Lieutenant Governor Jeanette Nuñez highlighted a few of the state’s most recent security efforts during a special session at the event.
“When we came in 2018 and got elected, we started to look around and see that we needed to really invest in the infrastructure and the people we have working in cybersecurity,” Nuñez said. As a result, “we were able to develop the task force, which was the precursor to the advisory council, and we were able to look at the state’s cybersecurity posture, governance and overall operation.”
For context, the state’s cybersecurity task force was created in 2019 during the regular legislative session via House Bill 5301. Once established, task force members focused on improving the state’s security program and prioritizing risks posed by identified threats.
However, in 2020, the task force disbanded, and the Florida Cybersecurity Advisory Council took its place in 2021. Since then, the council has focused on assisting state agencies in protecting their IT resources from cyber threats and incidents.
Another topic Nuñez discussed was the state’s Cybersecurity Security Operations Center (CSOC), which oversees the digital assets of partnering entities and identifies and mitigates threats in real-time to ensure uninterrupted service.
“For the launch of the CSOC, we had zero — and I will repeat that number again — zero agencies that had ever shared cybersecurity data in real time; they were operating exclusively in silos,” Nuñez said. “Today, I’m proud to announce that we have more than 35 of our state entities that are working in an integrated fashion. They are plugged into the CSOC, and they are sharing data in real time, and that really gives us confidence in knowing that what we’re doing throughout the state is focused on resilience and making sure that we are on the front lines of innovation and collaboration.”
The CSOC has also added more than 200 local partners to its roster in the last several months, expanding data-sharing capabilities, Nuñez added.
Lastly, the lieutenant governor highlighted the success of the state’s $30 million competitive cybersecurity grant program.
“In my opinion, this has been one of our boldest initiatives to date,” Nuñez said. “It was designed to allow local governments to improve their own cyber capabilities regardless of technical expertise.”
According to Nuñez, a number of municipalities now have new capabilities available to them, including asset discovery inventory, endpoint detection and response, security operation platforms and security systems, thanks to the grant program.
*The Florida Public Sector Cybersecurity Summit is presented by Government Technology (a publication of e.Republic). A longer version of this article first appeared in Government Technology, a sister publication of Industry Insider — Florida.