News Article | October 19, 2022
Resources From DIR and CISA
October is Cybersecurity Awareness Month, and the Texas Association of Counties' County Information Resources Agency (TAC CIRA) is issuing a series of weekly emails to encourage counties to prepare strong defenses against these risks. Two agencies stand ready to assist you: the state Department of Information Resources (DIR) and the federal Cybersecurity & Infrastructure Security Agency (CISA). They both provide resources to county governments to help them protect themselves from a cyberattack and to respond after an attack.
CISA warns that ransomware is a form of malware (malicious software) designed to encrypt files on a device, making those files and the computers and networks that rely on them unusable. Hackers, also known as bad actors or threat actors, then demand ransom in exchange for decryption. Malware can be spread via apps, phishing or "poisoned" websites that resemble familiar destinations.
Both DIR and CISA recommend these practices to keep individuals and counties safe:
- Enable multifactor authentication.
- Use strong passwords.
- Schedule regular cybersecurity trainings to stay up to date on the latest schemes.
- Recognize phishing emails and report them to your IT or leadership team.
To combat phishing attacks, the two agencies recommend that users do not open or click on suspicious or unexpected attachments or links. Individuals should be alert to impostors posing as legitimate senders.
The DIR offers the following resources:
- Information security: dir.texas.gov/information-security
- Additional cybersecurity tips: dir.texas.gov/sites/default/files/DIR%20OCISO%20Cybersecurity%20Tips%20Guide.pdf
CISA offers the following resources:
- Ransomware protection: www.cisa.gov/stopransomware
- Free cybersecurity services and tools: www.cisa.gov/free-cybersecurity-services-and-tools
Ernesto C. Ballesteros is the CISA state cybersecurity coordinator and adviser for Texas. He may be reached at his office at (210) 202-6646. He may be reached via email at the following: email@example.com