Tompkins County adopts state cybersecurity pilot program

Tompkins County announced the launch of a pilot Security Information and Event Management (SIEM) program late last week, becoming the second county in New York State to implement the cybersecurity initiative.

The program is conducted in cooperation with the New York State Office of Information Technology Services (NYS ITS), the Division of Homeland Security and Emergency Services (DHSES), and the New York State Operations Center (NYSOC).

By deploying advanced SIEM technologies, Tompkins County aims to enhance its capabilities to detect, prevent, and respond to cyber threats more effectively.

Loren Cottrell, Director of Tompkins County Information Technology, stated, “This pilot program is a testament to New York State’s dedication to establishing a robust statewide cybersecurity framework. Our collaboration with NYS ITS, DHSES, and NYSOC will not only help safeguard our county’s digital infrastructure but also serve as a model for other counties to strengthen their cyber resilience.”

The SIEM program will allow for real-time analysis of security alerts generated by hardware and network devices, improving the county’s ability to manage and mitigate potential cyber incidents, officials said.

Cottrell said Tuesday the program is mainly an effort by the state to reduce the likelihood of region-crippling cyberattacks, like the ransomware attacks that took down Suffolk County IT systems last year.

“Many of their systems were down for 6 to 9 months, so they weren’t able to do things like record tax documents and property sales, and even their 9-1-1 systems were down, so they had to revert to paper,” Cottrell said. “That’s just one example of what the state is trying to protect local governments from going through.”

The Tompkins County Crest

Selection, protecting important data

Tompkins County was selected for this pilot program due to its proactive stance on cybersecurity and its strong partnerships with state agencies, according to a statement from county officials. The insights gained from this pilot will be crucial in refining the processes and technologies before a broader roll-out across other counties in New York State.

“All of our logs from servers, firewalls, and other security appliances, really anything that generates a log, we are now sending to the New York State (Joint Security) Operations Center, in Brooklyn,” Cottrell said.

State employees man the center 24/7, scanning for anomalies in the data they receive.

“If there was, let’s say, an IP address that matched a security vulnerability, they’d notice it, start doing some threat hunting, reach out to alert us, and if it was big enough, they’d also alert the NYSDHS search team, or the critical infrastructure response team,” Cottrell said.

Homeland security cyberteams would help county officials recover from and revert the effects of potential cyberattacks targeting Tompkins County data, officials said.

“It gives us a lot of warning that somebody may be trying to break in,” Cottrell said. “It does protect our data. A similar initiative that we did about a year ago now, it was an endpoint protection, you can think of it as an antivirus program which feeds our data back from each of our endpoints to the state.”

The data will now be stored by the state and checked against other security feeds gathered throughout the state, as well as third-party security feeds from private companies. The aim is to spot IP addresses – numerical labels assigned to web-enabled devices – from known hackers and other bad actors, then identify and remove their access to County data, preventing cyberattacks before they happen.

“We have HIPAA data, we have some client data, and there’s infrastructure data that we wouldn’t want to be leaked,” Cottrell said. “As far as critical infrastructure, the county has a 9-1-1 center we support, and there has been a lot of information sent to us from Homeland Security and the FBI regarding the targeting of 9-1-1 centers.”

The Security Information and Event Management program was established under a $6 million state cybersecurity grant plan created in 2021, with program interest sign-ups announced by state officials in February.

This article originally appeared on Ithaca Journal: Tompkins County adopts state data monitoring program
