eCourts 2020 logo 2 banner image

The importance of having a cybersecurity response plan

May 13, 2020

In the September 17, 2019 edition of NCSC's Court Talk podcast, Charles Byers, the chief information officer for the Kentucky Court of Justice, talked about when, not if, a cyberattack would hit your court. The topic has recently come back to the fore due to a recent court ransomware attack.

Byers talked about two similar attacks that took place in his state, the first in which the courts did not have a response plan and the other in which they did. Byers further elaborated on his experience and the lessons learned at CTC 2019 where he gave a presentation entitled directly enough “How I Almost Lost My Job – The Importance of Having a Cybersecurity Response Plan” (video here, PowerPoint slides here). Among the steps he took

  • Developing the Cybersecurity Response Plan and what each section of the plan looked like
  • Taking a holistic view of security operations as a key part of court operations and not something "bolted on"
  • Identification of the seven steps for a Security Incident Response
  • Identification of the Roles and Teams associated with plan development and incident response
  • How the plan actually worked when a cyberattack occurred in 2019 and lessons learned

Several NCSC publications have focused on this area of cybersecurity and cyberattacks: