Enterprise IT Security
The mission of the Enterprise Security division is to provide oversight activities that govern all IT security initiatives ensuring all IT service areas are working towards a common goal of protecting County assets from cyberattacks. Continued collaboration and security awareness activities will ensure Palm Beach County IT services remain available while protecting data from unauthorized access, modification or loss.
Our vision is to align cyber security standards with business needs without compromising innovation. The approach used is the NIST Cybersecurity Framework:
- Identify – Maintain an inventory of assets and processes the may be vulnerable to a cyber-attack
- Protect – Ensure protection procedures are in place for all assets and processes
- Detect – Implement monitoring processes to alert staff of anomalous activities
- Respond – Ensure procedures in place to quickly isolate and mitigate anomalous activities
- Recover – Be prepared to restore services and improve protections against source of anomalous activity
Our goals:
- Raise employees’ cybersecurity awareness of emerging threats, both at home and in the workplace
- Enhance cyber resilience to be able to prepare, respond, and recover from cyber threats
- Promote cyber information sharing between departments and self-managed agencies
- Ensure data is classified to ensure proper access controls and security protections
- Increase monitoring of data traveling within the network to alert on abnormalities
Primary functions include:
- Identity and Access Management
- Cyber Security Risk Management and Governance
- Vulnerability Management
- Digital Forensics and Incident Response
- Data Security and Classification
- Security Continuous Monitoring
- Security Awareness Training