araphoe county logo
Share to Facebook Share to Twitter Bookmark and Share
File #: 23-636    Version: 1
Type: Presentation Status: Agenda Ready
File created: 10/18/2023 In control: Board of County Commissioners Study Session
On agenda: 11/7/2023 Final action:
Title: 1:00 PM *Cybersecurity policy and StateRAMP Update.
Attachments: 1. Board Summary Report, 2. Draft MOU
Date Ver.Action ByActionResultAction DetailsMeeting DetailsAudio/Video
No records to display.
To: Board of County Commissioners

Through: Philip Savino, Director, Information Technology

Prepared By:
Philip Savino, Director, Information Technology

Presenter: Philip Savino, Director, Information Technology

1:00 PM *Cybersecurity policy and StateRAMP Update.

Purpose and Request:
recommended action
The Arapahoe County Information Technology Department (IT) would like to update the Board of County Commissioners on the progress of ACG Cybersecurity policy and the adoption of StateRAMP.

Background and Discussion:
The session is to inform the Board of important progress in county-wide cybersecurity. We are prepared to take significant steps to enhance our county's cybersecurity posture by creating the first County-Wide Cybersecurity Policy. Additionally, we seek your permission to proceed with enrolling in the StateRAMP program, which will further fortify our digital security.

In today's digital landscape, cybersecurity is of paramount importance. The increasing frequency and sophistication of cyber threats pose a significant risk to our county's sensitive information and digital infrastructure. Recent incidents worldwide underscore the importance of proactive measures to protect against cyberattacks. We believe that a County-Wide Cybersecurity Policy is essential for the following reasons:

Protection of Sensitive Data: We hold vast amounts of sensitive data, including residents' personal information, financial records, and critical government data. A cybersecurity policy will ensure robust safeguards are in place to protect this information.

Operational Continuity: Cyberattacks can disrupt essential services, causing significant downtime and inconvenience. A policy will ensure that our systems are resilient and capable of maintaining essential operations even during security incidents.

Compliance and Legal Requirements: Government agencies are increasingly held to stringent cybersecurit...

Click here for full text