In South Dakota, the state’s cybersecurity team has cut the time it takes to respond to phishing campaigns from days to within an hour.
Pat Snow, the state’s chief technology officer, said that the Bureau of Information and Communications’ security operations center has taken an aggressive stance on email phishing. He credits a mix of education and efficiencies enabled by the state’s consolidated IT structure for helping the state to build stronger and more responsive defenses against such attacks.
“We’re looking at security education as a big priority,” Snow said. “We’ve just began mandating security education and training, and that’s been really well accepted — we had almost 100 percent acceptance across the agencies last year.”
That cross agency training for cybersecurity has helped the state really increase its efficiency with addressing phishing campaigns, Snow said. In fact, the state now tracks approximately 20 different campaigns a month — mainly because it detected them through employees reporting the malicious emails.
“We’ve seen really good payback [on that phishing training],” Snow said. “These are targeted campaigns against our clients. The reason we’re able to track them is because they’ve been reported. That’s through education.”
In fact, by tracking those campaigns, Snow said South Dakota has decreased the response time on phishing attacks from days down to hours.
“Our operations center is usually able to get on that really quick because we’re consolidated,” Snow said. “We’re able to push in defenses and blocks for those campaigns within an average of an hour as it’s released. We’re looking to close that even into minutes if we can.”
Even with a high acceptance rate of training and positive results, Snow acknowledged that the state still had work to do on cybersecurity.
“I know that’s one of the biggest vectors right now,” Snow said. “That just means we have to continue on that, and we’re seeing a very big benefit from [the training]. That’s going to be another priority.”