McMinnville government is increasing its cyber security.
The Board of Mayor and Aldermen has established new IT polices in order to be eligible for additional cyber security insurance coverage totaling $250,000 per incident.
“What we are proposing is the addition of two new security policies for IT, plus an acceptable use that we just combined with our current policy,” said Libby Rutledge of the Human Resources Department. “Currently, we have some gaps so we are not eligible for additional cyber security which covers ransomware or third party credit monitoring if you have a breach. These policies will make us eligible for that.”
Massive cyberattacks occurred in 2017. They spread across the globe hitting hundreds of thousands of computers and crippling major government and corporate operations. The malware was called WannaCry.
At that time, officials allowed a review by Litewire to determine the city’s vulnerability. It determined there was “little to no security in place” and the city’s “systems were outdated or not up to enterprise level protection standard.”
Since that time, the city has hired an information technology (IT) person and has improved its protection against cyberattacks.
“This will ensure, if we have a breach and if we get stuck with a ransom, we have insurance to cover that,” said Rutledge. “The coverage is $250,000 for incident. That covers the credit monitoring if we have a breach.”
Covered would be:
• Data breach: third party forensics, compliance with regulations following a breach, notification of affected individuals, credit monitoring and bank charges.
• Cyber extension: social engineering, ransomware and data restoration expenses.
The Board of Mayor and Aldermen unanimously approved the IT policy. Coverage began in August.