Background:
Mister Chairman: Security of cyberspace remains a significant concern. Events that could potentially lead to data loss and/or interruption of county services could occur in many ways. For example, a simple misconfiguration of a system containing sensitive resident records could be exposed to the Internet; a system could be exploited due to software or code vulnerabilities after a user clicks on a phishing email or browses to a compromised website; or a smartphone could be lost.
Rarely does a month go by without another major company or government agency disclosing a breach of their corporate systems. Cyberattacks will continue to increase as hackers continue exploiting weakness and finding ways to breach even the most sophisticated state-of-art defenses. Care and attention must be taken to safeguard financial, telecommunication, healthcare, emergency response, and other essential infrastructures that are increasingly remote and dependent on information technology systems.
Fairfax County has made significant investments in technology to provide effective services to residents. A significant part of these investments includes supporting the critical technology infrastructure to conduct business efficiently and effectively while minimizing risk to the County’s data and IT assets. The threat from security breaches is real, and we must continue to take the proper precautions to protect Fairfax County infrastructure and citizen data.
Motion:
Without objection, I ask the Board of Supervisors to:
• Proclaim October 2023 as Cybersecurity Month in Fairfax County and direct staff to invite appropriate
individuals to appear before the Board on Oct. 10, 2023 to be presented with the proclamation.
• Direct the Office of Public Affairs to promote this proclamation and the Department of Information
Technology's Annual Security Awareness Day event for Fairfax County employees, to be held on Friday,
Oct. 13. This event will provide staff opportunities to hear from industry experts on many things that can
be done in securing access to personal data, as well as the data they have access to at work.