Background:
Security of cyberspace remains a significant concern. Events that could potentially lead to data loss and/or interruption of county services could occur in many ways. For example, a simple misconfiguration of a system containing sensitive records could be exposed to the internet; a system could be exploited due to software or code vulnerabilities after a user clicks on a phishing email or browses to a compromised website; or a smartphone, tablet or unencrypted flash drive could be lost.
Rarely does a month go by without another major company or government agency disclosing a breach of their corporate systems. Cyberattacks will continue to increase as hackers continue exploiting weakness and finding ways to breach even the most sophisticated state-of-art defenses. Care and attention must be taken to safeguard financial, telecommunication, healthcare, emergency response, and other essential infrastructures that are increasingly remote and dependent on information technology systems.
Fairfax County has made significant investments in technology supporting public safety, human services, open government, and other county business operations to provide effective services to residents. A significant part of these investments includes supporting the critical technology infrastructure to conduct business efficiently and effectively while minimizing risk to the County’s data and IT assets. The threat from security breaches is real, and we must continue to take the proper precautions to protect Fairfax County infrastructure and citizen data.
Motion:
Without objection, I ask the Board of Supervisors to:
• Proclaim October 2022 as "Cybersecurity Month," in Fairfax County and to prepare a proclamation for a presentation outside the boardroom at the Annual Security Awareness Day event on October 28, 2022.
• Direct the Office of Public Affairs to promote this proclamation and the Department of Information Technology's Annual Security Awareness Day event for Fairfax County employees, to be held on Friday, Oct. 28, 2022. This event will provide staff opportunities to hear from industry experts on many things that can be done in securing access to personal data as well as the data they have access to at work.