Reduce Number of Cybersecurity Incidents -6e

MoDOT uses thousands of computer devices to get work completed from multiple locations around the state. Keeping those computers safe from outside computer threats is a 24-hour job using the latest security measures. 

Embed
Is Responsive
Embed Code

Result Driver

Contact Photo
beth ring
Beth Ring
Title
Information Systems Director
Department
Information Systems
Contact Info

Email: Elizabeth.Ring@modot.mo.gov

Phone: (573) 751-1345

Measurement Driver

Contact Photo
volkart
Jason Volkart
Title
Information Systems Supervisor
Department
Information Systems
Contact Info

Email: Jason.Volkart@modot.mo.gov

Phone:  573-751-3578

Write Up:

Statewide, MoDOT maintains thousands of computer devices. Keeping those computers safe from outside threats is a 24-hour responsibility using the latest security measures.  

Through the first two quarters of fiscal year 2020, there was a total of 38 incidents.  During the first quarter of fiscal year 2021, MoDOT reported 21 cybersecurity incidents, a reduction of 45%. All incidents were related to users accessing or attempting to access internet sites with malicious content.  Malicious links are common in emails or on web pages. The Information Systems Division manages a Proofpoint email server and threat protection to combat cyber threats. During the second quarter of FY 2021, there were 3,796 email threats identified and thwarted.  Of those threats, 3,027 (80%) were internet links, 647 (17%) were attachments, 76 were hybrid (both links and attachments) and 46 were imposter threats.
  
New technology products and some policy changes are aiding to reduce the number of cybersecurity incidents. The new technology consists of a more robust tool to target and trap malicious email phishing campaigns. Along with this new tool, policy changes to increase the strength of user passwords have been implemented.  

MoDOT continues to emphasize cybersecurity and to provide training for all department computer users. The cybersecurity oversite team works to define areas of vulnerability and deploy solutions to address risks. In addition, MoDOT utilizes the Office of Administration’s network firewall service, endpoint cybersecurity detection and remediation services to provide increased cyber protection.

Purpose of the Measure:

This measure reports the number of MoDOT cybersecurity incidents compared to other state agencies. An incident is defined as any threat that a standard anti-virus protection software cannot detect.

Measurement and Data Collection:

The incident data for this measure is captured from the state Office of Administration of Cybersecurity.  Proofpoint email protection is provided by Information Systems.

The target for this measure is zero.