County Magazine Blog

The state has recognized the Texas Association of Counties (TAC) for its leadership in cybersecurity, modeling for its member counties how to protect themselves from online crimes.

"Every employee at TAC has a role in cybersecurity, and we live it as human firewalls," said Robert Ruiz, Associate Director of TAC Risk Management Services. Ruiz and TAC Infrastructure Security Engineer Erin Shirley led the charge in obtaining the certification.

The Texas Department of Information Resources awarded TAC the Texas Cyberstar certificate, which requires public and private organizations to meet five criteria to qualify. The requirements include maintaining a strong cybersecurity infrastructure, providing training, encouraging awareness and notifying local entities of threats.

TAC's work with local governments and their data requires solid internal controls, which Shirley said takes a multi-layer approach.

"This means that if one line of defense is compromised, additional layers of defense exist to thwart the cybersecurity threat," Shirley said, adding that employees are truly the first line of defense against a cyber attack.

The Association places equal effort on ensuring counties are also in a strong position to fend off threats.

Through the TAC Risk Management Pool (TAC RMP) and TAC County Information Resources Agency, county officials receive training on how to respond to an attack, updates about the latest risks, and support when faced with an attack. TAC RMP members who are part of the Public Officials Liability Program automatically receive cyber coverage.

This year's County Management & Risk Conference, to be held March 22-24 in Round Rock, will include sessions on cybersecurity, including presentations on real scenarios and best practices to mitigate cyber risk with technology vendors.

Then, May 16-19, TAC will host the first County Technology Conference where attendees will learn how to tackle the various technology challenges counties face, including cyber threats.

The Pool also provides on-site training at the request of counties, in addition to webinars and customized workshops.

"Cyberstar is a credit to TAC's commitment to cybersecurity (from the top down and across) and all the behind-the-scenes security and data privacy work done by so many within the organization to keep TAC in a cyber-ready posture," Ruiz said. "We will never be able to eliminate 100% of our cyber risk, but we have taken great strides to prepare our employees, our infrastructure, and keep evolving our risk mitigation techniques as cyber threats remain very fluid and highly adaptive."

TAC is the 14th organization statewide to receive the Cyberstar recognition, a program that began last year.