Write Up:

MoDOT uses thousands of computer devices to get work completed from multiple locations around the state. Keeping those computers safe from outside computer threats is a 24-hour job using the latest security measures. 

During this past reporting period, MoDOT reported 25 cybersecurity incidents. This is an increase of 10 incidents from the previous quarter, resulting in a total of 40 incidents for FY20 compared to 45 incidents for the same reporting timeframe in FY19.  Incidents included users accessing or attempting to access sites with malicious content, infected phishing emails and other targeted technology exploits.

MoDOT continues to emphasize cybersecurity and provides cybersecurity training for all department computer users.  The department's cybersecurity oversite team works to define areas of vulnerability and deploy solutions to address those risks.  In addition, MoDOT utilizes the Office of Administration’s network firewall service, as well as endpoint cybersecurity detection and remediation services to provide increased cyber protection.

Purpose of the Measure:

This measure reports the number of MoDOT cybersecurity incidents compared to state agencies. An incident is defined as any threat that standard anti-virus protection software can’t detect.

Measurement and Data Collection:

Data for this measure is captured from the OA Office of Cybersecurity. The target for this measure is zero.