Write Up:

Statewide, MoDOT maintains thousands of computer devices. Keeping those computers safe from outside threats is a 24-hour responsibility using the latest security measures.
 
For the second quarter of fiscal year 2024, MoDOT received a total of 1,984 emails containing malicious content (links and/or attachments) that were delivered to user inboxes. Of those 1,984 delivered emails, there were a total of 15 clicks on contained links or attachments by the recipients. Ten of the 15 clicks were blocked at the time of click while the other five were permitted. These five permitted clicks were later identified as false positive threats by MoDOT’s email security vendor. Before that false positive status was known, all the alerts were resolved following standard IS incident response procedures. These emails were later unquarantined when determined to not be a threat. The other 10 blocked clicks were a mix of credential phishing and malware delivery threats. The average click rate for the quarter was 0.8%, a decrease of 3.1% from the previous quarter.
 
This quarter saw the largest number of malicious emails delivered to user inboxes since this measure was first tracked. The previous high was 1,797 emails delivered in second quarter of FY 2021. There were only 17 days of the 93 in the quarter that MoDOT did not receive a malicious email directly to the user's inbox. Most of these came from smaller attacks with anywhere from one to 10 emails delivered with the exceptions being two days where there were 200+ emails delivered. 
 
MoDOT continues to emphasize cybersecurity and provide training for all department computer users. The cybersecurity oversight team works to define areas of vulnerability and deploy solutions to address risk. In addition, MoDOT utilizes the Office of Administration’s network firewall services, endpoint cybersecurity detection, and remediation services to provide increased cyber protection.

Purpose of the Measure:

This measure reports MoDOT's average click rate on malicious email links and attachments. Using this measure MoDOT can compare performance to previous quarters and make adjustments in security training program to reflect the observed trend.

Measurement and Data Collection:

The incident data for this measure is captured from MoDOT's e-mail security platform.
The target for this measure is zero clicks.