Are Cyber Attacks Worth the Job Opportunities They Create? - GovTech
2023-10-17 18:05 (EST) - Ken Dixon
(TNS) — The age of increasing cyber attacks threatens businesses, state infrastructure, government and Connecticuts utilities.But the current vulnerabilities have also created opportunities to share information and train people to fill an estimated 600,000 future cybersecurity jobs across the country, state experts said Monday during a forum at the University of Connecticut School of Business."If I was a bad actor, I would think Id go after the low-hanging fruit" presented by smaller towns in the state, said Gov. Ned Lamont. "I would assume that they would be a little less sophisticated when it comes to cyber protections. I would worry that thats a back door into the Department of Revenue Services or your financial entity, or your utility. I assume this is a really good way to check on those doors that are left ajar and to make sure theyre locked. That makes an awful lot of sense to me. Get on-board with these skills. Youre going to have to learn these skills. Its an incredibly important skill set to have. Theres a guaranteed job."Lamont said state officials deal with such Internet-based attacks every day. "We have pretty good visibility across state government. We didnt have that before and weve moved more and more of our information up to the cloud, so we have a higher level of sophistication. Being able to play defense is just incredibly important to the ongoing operation of our companies."Various state entities have been targeted by computer criminals, from hospitals to $6 million recently stolen from the New Haven school district. "Im terrified," Lamont said. "Were constantly under attack. I see Eversource. I see what a hack there could mean to the state, short-term and long-term."Michelle Gilman, commissioner of the state Department of Administrative Services, which heads the states IT services, stressed that for starters, residents, government and industry should use tougher passwords and to change them on a regular basis. "Its really to protect us and to protect our information, our security, and any data behind the scenes that were utilizing," Gilman said. She also warned that so-called phishing schemes, in which innocent looking emails can lead to hacking into peoples lives, bank accounts and credit cards, are on the rise."Emails that look official oftentimes are not and we need to very sensitive to those emails that look suspicious," Gilman said. "Take a pause before clicking on that link. Phishing is probably one of the highest-level priorities that we deal with at DAS and throughout state agencies." Security upgrades and updates are very important to join, Gilman said.The growing use of Artificial Intelligence in cyber crimes, means it will also become a major tool in repelling cyber attacks. "Its basically a fight between bad players who use AI, and we have to ultimately use AI in our defenses," said Kazem Kazerounian, dean of the UConn School of Engineering, during the hour-long panel discussion.He noted that there are 15 courses in cybersecurity at UConn, with there plans for offering majors in it. For about 10 years, UConns Center for Voting Technology Research has helped the Office of the Secretary of the State to stay up to date on security of databases and has assisted in policy making. The center developed software that double checks polling place scanners. "Our center has become a national leader in the science of what they call risk-limiting audits," he said."You know when you look at cybersecurity, we value it and measure it by two metrics: one is the value of the target and the second one is the size of the surface attack," Kazerounian said. "When you look at election systems, they are both extremely large. What makes it even worse is that an attack can succeed by simply creating a perception of success.""Its an incredibly complex business," said Mark Raymond, the states chief information officer who led the panel of eight people in a second-floor meeting room in downtown Hartford. He noted that nationwide, October is being called Cybersecurity Awareness Month. "The concept of cybersecurity is a rapidly changing field," he said. "The demands that we see on a day-to-day basis, the risks that come our way, the amount of technology change and the amount of cybersecurity risk that all comes together, really makes for a dynamic and changing environment."Brenda Bergeron, deputy commissioner of the state Department of Emergency Services and Public Protection, said a multi-year, multi-million-dollar federal grant has allowed teams of personnel from the Connecticut National Guard to review the cyber defenses of 159 of the states 169 towns and cities. Initially, the goal is to get local governments to meet a minimal level of security against possible computer crimes."Some towns just dont have the staff," Bergeron said after the forum. "Its an effort from the federal level, but were building on it to help the smaller towns get up to that minimum standard." The state is developing a list of standards for municipal government. Other forum participants included Chris Lee, chief information security officer for Eversource.Sabrina Tucker-Barrett, president and CEO of the Hartford-based Girls for Technology, said women from under-resourced communities between the ages of 18 and 29 participate in 10-week training sessions that include sections on cybersecurity, "and were able to pipeline them in to our corporate partners."On Friday, there will be a day-long event at Central Connecticut State University called Cyber Nutmeg, during which local government officials, school superintendents, IT and cybersecurity profssionals will participate in a variety of activities including an exercise in detection and discovery.Co-sponsored by the Connecticut Education Network, the event will include a briefing from the FBI, Homeland Security, and CT Counter Terrorism and Intelligence (CTIC), as well as training workshops.
