• Skip to main content
  • Skip to footer

Commonwealth Sentinel

Cyber Security for local government, non-profits and small business

MENUMENU
  • Home
  • About Us
    • Sheri Donahue
    • Leo Haggerty
    • Careers
  • Services
    • Vulnerability and Threat Evaluation
    • Transformation Management
    • CISO Management Services
    • Incident Response Management
  • News
  • Blog
  • FAQs
  • Contact Us

Terry Davis / June 17, 2022

Thoughts from the 2022 KCJEA and Magistrates Summer Conference

I love June! Summer has finally arrived, the lakes are abuzz with boaters, golf courses are full, and the Kentucky County Judge/Executive and Kentucky Magistrates & Commissioners Association hold their annual Joint Summer Conference.
This year was better than last year for several reasons. First, I did NOT play in golf the scramble like I did last year… That was good for EVERYONE!
Second, I didn’t trip on the outdoor rug going into the hotel conference center and faceplant into the glass double doors (like I did last year).
Best of all, I was honored to present one of the breakout sessions on “Cyber Security for County Governments in 2022.”
This was a win-win because I had the opportunity to talk with many judges, magistrates, and commissioners about the state of cyber security in their counties, which helped me better understand the needs and be able to better protect them.
For the attendees, it was a win because I did a 5-question contest at the end of each session and gave out small bottles of “adult refreshments” for the correct answers. (My apologies for the Peach Schnapps.)
Here are some of my takeaways:
There is a WIDE range in the IT and Cyber Security levels – I found it surprising there are still counties without any meaningful IT or cyber security support. Others have significant support for their infrastructure. There doesn’t seem to be much rhyme or reason to what category counties fall into.
Many still don’t understand what cyber security is – In simplest terms, “Cyber Security is a journey, not a destination.” I think many people are surprised to learn that you cannot just set it and forget it.
An assessment of your system is a snapshot in time. It may show the level of protection right now, but ongoing monitoring and assessments are needed to show changes and indications of compromise. A picture is worth a thousand words, but a video tells a story.
Multi-Factor Authentication (MFA) is NOT implemented nearly enough – I was shocked at how many people admitted that they do not use MFA to access their devices and networks. This must be part of standard practice.
No Passwords – I have no words. I mean…just…nope, no words. Yes, some people do not even require passwords for their systems. I may cry. Excuse me for just a moment.
Ok, I’m fine now.
If you didn’t get a chance to attend one of our breakout sessions, you can check out the video!
By next year, let’s everyone make some promises:
You will make sure you use passwords
You will start using MFA
You will ask questions of your IT team
You will implement some form of cyber security and keep updating it
And for my part
I will NOT buy Peach Schnapps for one of my cyber security contest prizes.
CYBER NEWS
Monkeypox gives scammers something new to con with
Monkeypox gives scammers something new to con with
The scammer arsenal of tricks and cons has received a bit of an update recently, as it’s not just covid scams set to land in your emails.
www.pickr.com.au • Share
Microsoft: Exchange servers hacked to deploy BlackCat ransomware
Microsoft: Exchange servers hacked to deploy BlackCat ransomware
Microsoft says BlackCat ransomware affiliates are now attacking Microsoft Exchange servers using exploits targeting unpatched vulnerabilities.
www.bleepingcomputer.com • Share
State and Local Governments Eye Collective Cybersecurity Measures
State and Local Governments Eye Collective Cybersecurity Measures
A number are bringing efforts under one umbrella to ensure public sector resources remain safe.
statetechmagazine.com • Share
TIP OF THE WEEK
How to Avoid Facebook Scams
Recently it was discovered that a fake Facebook login portal was set up to imitate Facebook’s actual landing page. The user would enter their actual Facebook login credentials thinking they were logging into their Facebook account, but they were providing their credentials to a cyber-criminal.
Once a user’s credentials have been stolen, the criminal can monetize them in various ways. They will often set up a fake profile that appears to be you and then connect with your friends. The built-in trust between you and your friends results in lowered defense and increased susceptibility to scams.
Avoid becoming a victim by:
NOT clicking on a link to be taken to a landing page that you would usually go to in another way (even if, or especially if, it appears to come from someone you know)
If you receive a connection request from a friend that seems unusual, call or text that friend to ensure they sent it.
Use MFA for all logins.
If asked to verify your identity, double-check the URL to ensure it is legitimate.
VOCABULARY WORD
Landing Page: A web page that prompts the user to take a specific action (e.g., enter credentials, payment information, etc.)
CYBER HUMOR

Filed Under: Blog

Footer

CONTACT US

COMMONWEALTH SENTINEL

1230 US Highway 127 S
Suite #5
Frankfort KY 40601
(502) 320-9885

EMAIL US

ABOUT US

Cyber security consulting for local governments, non-profit organizations, and small businesses facing the threats of the cyber world.  At Commonwealth Sentinel, we are passionate about helping people be cyber-safe!

FOLLOW US

  • Email
  • Facebook
  • LinkedIn
  • Phone
  • Twitter
  • YouTube

Copyright © 2023 Commonwealth Sentinel

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT