Columbus Data Breach

COLUMBUS DATA BREACH

DailyPost 2918
COLUMBUS DATA BREACH

The data breaches at the local self governments in the US does not evince interest and publicity as it deserves in public interest. Maybe as it happens so frequently that it has become a normal affair, notwithstanding the debilitating impact on the public services. The loss of personal data too remains a matter of concern. At the end of the day, a government is a government and represents the power of the state, if that gets diluted, it would be a serious dent to the third tier of democracy. At times local self governments have ended up paying ransom as well.

If we do a bit of reverse engineering, the fact of the matter is that cyber security seems to have not been given the focus, resources, expertise, monitoring and a zero tolerance approach. Prevention is the name of the game. Capital investments would need to be made on all fronts making it both robust and resilient. The Columbus Data Breach of 18th of July 2024 brings to the fore the muck we are in. Even after two months of the attack 21% of the systems are still down. Another 8% are only partially functional. These numbers are marginally better than last week, but complete recovery by September end is not being ruled out. It is said that the industry standard for breach recovery is 150 days.

Besides the administrative / utility conundrum it creates, it also makes holes in the organisation’s pockets. These are not the institutions that are fund rich. The mayor had used his emergency powers to approve $4 million in technology spending related to the recovery from the breach since July 2024. Out of this funding $3 million was spent on the operations and $1 million on capital purchases. How much difference will it make in cyber security preparedness remains debatable. The main issue of the current operations is focused on bringing back the IT systems to its normal functioning.

The operation itself becomes a full fledged task. They have to work on multiple fronts. Philosophically, data breaches “are always learnable and teachable moments”. The first move after the breach was to hire a law firm, Dinsmore, having expertise in data breach and incident response legal advice. They then hired Digital Mint and Haystack, firms that provide cyber security consulting. “The sheer volume of records makes it impractical to notify everyone individually”. So far, about 14,000 residents, employees and others have signed up for “free credit monitoring and identity theft insurance”. Anyone who feels he has been impacted can register till 29th November 2024. What can be the nature of governance and utilities in such trying circumstances, you can decide for yourself.

HACKERS ARE BRINGING GOVERNMENTS TO THEIR KNEES, TIME FOR A GLOBAL LEGAL AND EXPERTISE COLLABORATION.
Sanjay Sahay

Have a nice evening,

Leave a Comment

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.

Scroll to Top