SOC-as-a-Service In The City of Sparks, To Protect The Protectors


By Young-Sae Song

Like society as a whole, police departments increasingly embrace digital technology innovations that improve their ability to protect and serve the public. That makes them just as vulnerable – perhaps more vulnerable – to the snowballing dangers of cyber attacks. And, for obvious reasons, the level of risk they face is exceptionally high.

With greater frequency, public institutions such as hospitals, schools, and city services are targeted by ransomware, malware, phishing emails, and DDoS attacks. Perhaps ironically, law enforcement has discovered that it too is a popular mark for cybercriminals. Threats come from all angles: socio-political hackers seeking to expose a police officer’s personal information; denial-of-service attacks intended to shut down police conferences and meetings; and ransomware attacks that hold documents, videos, photos and other potential evidence hostage. Cops “don’t generally pay ransoms,” but after five Maine police and sheriff’s departments were hit by ransomware thieves, one of them did.

Technology requires maintenance and updates. Security vulnerabilities in older software make prime territory for exploitation. Now that first responders are popular targets, they’ve learned, sometimes the hard way, how critical updates, upgrades, and backups are for security. What’s more, as first responders increasingly use sensors and IoT capabilities, they expose themselves to new areas of risk, and cybersecurity only becomes more complicated and more dangerous.

Case in Point, the City of Sparks

Nevada is the second-fastest-growing state in America, and the greater Reno-Sparks area of Nevada’s Washoe County is a big reason why. It’s the new home of the $5B Tesla Motors Gigafactory and of many other rapidly expanding companies. This exciting regional growth has meant more reliance on services by the City of Sparks, which came to our team after withstanding a series of cyberattacks that left it concerned about its ability to face them in the future.

Police work is always stressful, but especially so when daily communications, like 911 dispatch systems, and access to the needed document, video, and photo files are constantly threatened. These digital files include footage from body cameras, and Nevada is among the few states requiring their use by all officers. Before our engagement, Sparks’ police department experienced a ransomware attack. While its IT team identified the attack before it could cause mass disruption, it left the team scrambling to implement and perform extensive, ongoing backup operations to prevent data loss during inevitable future attacks. This was exhausting enough, but there was more. Cybercriminals began leveraging social media information to conduct spear-phishing attacks on Sparks’ police officers and government officials. The constant wave of these attacks seemed endless not just to the IT team but also to the officers themselves, who wondered daily if they’d be able to successfully perform their duties without a hacker intervening.

Like many cities, the City of Sparks had in place what it previously thought was sufficient for cybersecurity defense: security products for endpoints, email and web gateways, and firewalls; along with a reasonably well-staffed group to manage and maintain these technologies. But now the city’s police department risked not only having its files frozen, but also having its data breached, which could lead to evidence tampering, outing informants and undercover agents, and blackmailing targets of investigations, among other serious issues.

At this point, the City of Sparks’ IT team understood they lacked the necessary technology, processes and procedures, and personnel expertise to protect their police force and other departments. It was a helpless feeling – requiring protection – for the police officers themselves, considering their entire lives are dedicated to protecting others.

SOC-as-a-Service Proves Invaluable

To successfully combat the multiplying dangers of incoming cyber threats to its law enforcement officers, the City of Sparks sought a security operations center (SOC), a truly holistic and comprehensive solution that combines security experts, advanced security technologies, and processes for incident detection and response. Not only did it need a strong line of defense to protect the city’s defenders, but the solution also needed to be affordable, properly manned, and capable of deploying rapidly.

Fast forward just one week and the City of Sparks had their solution, complete with the benefits of hybrid AI, a combination of machine learning and human expertise that has improved their threat detection by 10X and reduced false positives by 5X. In security, the human touch can often get overlooked, but it makes all the difference when lives are at stake.

Now, with SOC-as-a-Service, the City of Sparks has the continuously monitored, proactive defenses it needs against all forms of evolving threats, including the spear-phishing and ransomware attacks that once imperiled the city’s first responders. And the Sparks police officers perform the challenging and often dangerous duties of their jobs without additional worry. They no longer have concerns about being victimized by cybercrime, but instead focus on the real crimes and issues affecting their city.

About Young-Sae Song

Young-Sae leads all marketing efforts at Arctic Wolf Networks, drawing on his 20-year track record of high tech industry success. A transformative marketer, he has led major rebranding, corporate/product marketing, product management and sales enablement teams to deliver rapid business growth and bottom-line profitability.
