US Department of Transport hires new CIO
According to Federal N...
The US Department of Transport (DoT) has hired former HP executive, Vicki Hildebrand, as its new Chief Information Officer (CIO).
According to Federal News Radio, a DoT spokeswoman confirmed that Hildebrand, a former HP executive, had joined the agency.
The HP veteran previously claimed to Columbia University in 2015 that she aspired to become a CIO, a role that she will now assume.
Having worked for the tech giant for more than 30 years, Hildebrand held a number of leading roles in her final years at Hewlett-Packard. These include Senior Director of Global Business Services, Senior Director of Customer Advocacy and, most recently, Vice President of Customer and Partner Advocacy.
She will replace former CIO Richard McKinney who left the agency in January for a new position as Vice President of Enterprise IT Strategy at AECOM, picking up a number of initiatives that McKinney had started including further modernisation of the DoT infrastructure.
Hildebrand’s appointment comes at the same time as the departure of the long-standing Patent and Trademark CIO John Owens, who is set to step down from his position on 3 November this year.
213% increase in cyber attacks on UK remote council workers
Cyber attacks on UK councils’ remote workers more than tripled during the pandemic, according to a series of Freedom of Information (FOI) requests. The requests made by Insight, a Fortune 500-ranked global provider of Intelligent Technology Solutions, found attacks rose by an average of 213% from March 2020 compared to the 12 months before.
On average councils switched 74% of their employees, more than double the UK average, and representing more than 1.4 million workers across the UK, to remote working during the pandemic. This presented many challenges such as having to adapt to a new way of working and being under budget pressures.
According to the FOI requests, only 20% made additional investments in security, investing an average of £46,000 – in all cases taken from the wider IT budget. As a result, investments in security came at the expense of other IT services. With increased remote working set to continue in 98% of councils, attacks targeting employees at home will likely continue to increase, especially if investing in security doesn’t become a priority.
Eliminating gaps in security is key
“The fact that councils could move their employees to remote working without disrupting services needs to be recognised for the major achievement it was,” said Darren Hedley, Managing Director, UK & Ireland at Insight. “However, councils now need to build on this success: putting in place and strengthening defences to protect remote workers and eliminate gaps in security that could allow attackers to threaten essential services. It’s likely that many councils cannot do this alone. They need support and resources from central Government, or else we will see more and more employees and councils falling victim to attackers.”
It was found that less than half (47%) of councils invested more of their security budget in increased security training for remote workers. At the same time, only 6% prevented any employees from working remotely because it wasn’t possible to guarantee secure access to data.
“Clearly the priority in 2020 was enabling remote working, but more than a year into the pandemic it’s worrying that many councils still haven’t been able to assess their security posture,” said Charlotte Davis, Cyber Security Practice Lead, Insight. “These assessments need cover the entire threat landscape, including third party risks, and honestly analyse gaps in the organisation’s security posture. Once this is in place, councils can take the appropriate action to repair any gaps, from investing in technology, to building security awareness and putting frameworks in place so employees can follow best practice. Doing this will demand time and resources, so it’s essential that councils are given the support they need.”