SALEM, Ore. — Oregon Gov. Kate Brown has ordered state agencies to completely overhaul their cybersecurity systems, calling the current safeguards antiquated.
Brown emailed state agency directors Monday and gave them less than two months to get to work improving the systems, the Statesman-Journal reported (http://stjr.nl/2caZNnz ). Her order requires the agencies to hand over their cybersecurity documents and temporarily send their information technology security personnel to work for the state’s chief information officer.
Brown said agencies across the state should unify cybersecurity protocols — something Alex Pettit, the state information officer since 2014, said is long overdue in Oregon. The governor has asked Pettit to lead the overhaul through at least June 2017.
“What we’re doing today is fundamentally not working,” Pettit said. “Who knows what’s out there? Some of these systems are easily 25 years old.”
Confidential information on state government is vulnerable to cyberattacks, Pettit said. That includes things like Social Security numbers, financial records and login information. Hackers have begun to notice the weakness and hacked into at least eight state agencies in the past two years, he said.
“Even though they’re small attacks, they’ve had a big effect on us,” Pettit said. “We have folks that attack for political, financial, reputational reasons.”
Information from: Statesman Journal, http://www.statesmanjournal.com