The URL can be used to link to this page

Browse Search

Home My WebLink About20230251.tiffMINUTES WELD COUNTY COUNCIL October 17, 2022 The Weld County Council met in regular session in full conformity with the Weld County Home Rule Charter at 6:30 p.m., Monday, October 17, 2022, at the Weld County Administration Building, 1150 0 Street, Greeley, CO. ROLL CALL: El The meeting was called to order by President Nancy Teksten. Councilmembers Tonya L. Van Beber, Cindy Beemer, James Welch and Rupert Parchment were present, constituting a quorum of members. Also present was County Attorney Bruce Barker and Council Secretary Linda Kane. APPROVAL OF AGENDA : Councilmember Beemer made a motion to approve the agenda, seconded by Councilmember Parchment and carried. APPROVAL OF DOCUMENTATION: Approval of September 19, 2022, Minutes Councilmember Welch made a motion to approve the May minutes, seconded by Councilmember Parchment, and the motion carried. REVIEW PROGRAM: Ryan Rose, Chief Information Officer/Director of Administrative Services Mr. Rose gave an overview of his role as director of administrative services. He said the average turnover rate in the information technology department is 3.2% compared to the national average of 22%. His annual budget is just over $10 million. The county has 1,900 employees and they are required to perform monthly security online training courses. Mr. Rose said most cyber attacks come via email. The county has a two -factor identification system. See addendum 1. PUBLIC COMMENT: Sheriff Steve Reams said Mr. Rose is one of the best hires the county has made. He also stated that he did not mean to offend anyone in an email he sent to Council. Sherrie Peif, of Evans, filed a CORA request per the recent salary negotiations. She encouraged Council to take another look at salaries before signing Resolutions. She said the last Council meeting was disorganized. Rob Peacock, of Firestone, said he changed his mind on salary increases, citing he was at first against them. He said the sheriff really needed a pay increase. Dave Kisker, of Greeley, said that based on other counties with comparable populations, the sheriff did not need a significant pay increase. OLD BUSINESS: Resolution 223, Salary for Commissioners Cop)u1 ; Co +.on S O1/25/23 2023-0251 Councilmember Welch made a motion to approve Resolution 223, seconded by Councilmember Van Beber, it was opposed by Councilmembers Parchment and Beemer, President Teksten voted aye, and the motion carried. Resolution 224, Salary for Clerk and Recorder Councilmember Welch made a motion to approve Resolution 224, seconded by Councilmember Parchment, it received all ayes and the motion carried. Resolution 225, Salary for Sheriff Discussion prior to the vote included Councilmember Beemer who said it doesn't make sense that a subordinate make more than the Sheriff. She said she had a strong problem with setting the sheriff's salary at $208k, as it was too low. Councilmember Parchment said it wouldn't be a surprise if the sheriff became disgruntled when employees below him were making more money. Councilmember Welch said it's not uncommon that a boss sometimes get paid less than subordinates. He said by setting the sheriff's salary at $208k, he will be the highest paid sheriff in the state. Councilmember Welch made a motion to approve Resolution 225, it was seconded by Councilmember Van Beber, received nays from Councilmembers Beemer and Parchment, with President Teksten casting the tie -breaking vote of aye, and the motion carried. Resolution 226, Salary for Assessor Councilmember Welch made a motion to approve Resolution 226, it was seconded by Councilmember Van Beber, received all ayes, and the motion carried. NEW BUSINESS: Coordinator Reports/Councilman Reports There were none. Bills Councilmember Welch made a motion to approve bills, it was seconded by Councilmember Beemer and carried. The bills were paid as follows: • Weld County Phone Bill for September $25.00 Councilmember Beemer made a motion to approve bills, it was seconded by Councilmember Parchment and carried. The bills were paid as follows: • Greeley Tribune Publication of 2nd quarter RTTP $57.30 ADJOURNMENT: By acclamation, the meeting was adjourned at 7:35 p.m. November 21, 2022 / Council Pre ent, Nancy Teksten oun il ecretargnsda Kane The rtI ssion of the Weld County Information Technology (IT) Department if, to provide respon'live, adaptive, transforrnative, innovative, and cost- effective information technology solutions and se -vices. STRATEGIC PLAN • Information Technology Plan • Ten Strategic Domains • Infcrmation Technology Security • Cloud Services • Consoildation and Optimization • Budget and Cost Contr. • Human Resource ' Talent Management • C titer, and Departmentalcnoblement • Mobility • Disaster Reco,er, and 1.siness Cortrinuity • Geagrapnic ?formaTion Systems • Public Safetynformat'on Techno:ogy FSIT •• Weld County Strategic Priorities • 6 Priorities • Ensure Healthy, Safe, and Livable Commun;ties • Balance Growth and Development • Plan for Resilient Infrastructure, Faci'sities, and Resources • Be an Employer o£ Choice • Provide excellent, Cost -Effective Service Delivery. • Enhance Accessible Communication, Outreach, and Awareness PROJECT PORTFOLIO • Project Management Office (PMO) provides transparency, cost control, and accountability • Recurring meetings with all county departments and offices throughout the year • Information Technology Annual Project Submittal Process • For the past nine years, an average of 75 — 100 IT projects annually • Some transcend fiscal year, multi -year projects i.e., digitization of physical media, public safety project, fiber optic cabling, ERP, etc. • Board of County Commissioner quarterly reports and annual summary 6 CYBERSECURITY POSTURE CONT. • Physical • Data Center Controls — ID Card Access, Video Surveillance, Environmental Monitoring • Host • Cloud -based secure DNS, Data Loss Prevention, Endpoint Detection, and Response • Network and Data Center • Application layer firewalls, Diverse connectivity, Disaster Recovery Facility, AirGap Technology, off -site backups, backups nightly, weekly, monthly, and annually. 9 CYBERSECURITY POSTURE CONT. • Application • Strict change management policy (1000 documented changes in 2021, 675 2022), security vulnerability scans (internal and external), monthly patch management strategy (including zero -day), vendor management • People • Monthly mandatory security training, coordinated phishing campaigns, centralized IT security training on enterprise applications, cybersecurity insurance, multi -factor authentication DO 5 Weld County Information Technology Strategic Plan 2021-2022 Tactical Goal 1.2 Provide end -user awareness and education — of the importance of protecting the information of the Weld County citizens, employees and the systems we support. Develop security onboarding processes that assist employees with best -practices on how to handle sensitive data. Work with Human Resources to develop IT Security training classes for all County team members during the County onboarding process, as well as provide subsequent follow-up and refresher training throughout the tenure of county employees. Provide monthly IT security updates that include information on how to continue to protect County digital assets. Domain 2 — Cloud Services Weld County embraces the spirit and the potential value -add of Cloud Computing. Weld County IT will use a thoughtful, blended and transparent approach when implementing these technologies and services and will guide the County on the uses and benefits of Cloud Computing. This will allow us to leverage the potential increases in system availability, application stability, security and functionality of services associated to Cloud Computing. County Strategic Area of alignment —Enabling Strategies Tactical Goal 2.1 County Business Intelligence Dashboard — Leverage the Microsoft Power Business Intelligence cloud -based business intelligence dashboard to continue to develop an environment that can be used by departments and offices to better manage and review data sets. Develop an interface into the County Intranet for dashboard access and customization. Tactical Goal 2.2 Incorporate Cloud Services review into all IT procurement procedures —to ensure that the cost - benefit of hosted services vs. on premises services is being evaluated. Incorporate a formal scoring and evaluation process into the application portfolio. Evaluation criteria will include; if the vendor offers a hosted solution, is there sensitive data involved, overall complexity of leveraging the solution, the cost benefit to the County, and end -user impact. Domain 3 — Consolidation and Optimization Network, Voice, Data Center, Enterprise Applications and Storage environments are all critical components of the Weld County IT infrastructure. Traditional data centers have substantial electrical, cooling and cabling requirements. Hardware and software virtualization technologies provide the ability to consolidate these environments. This consolidation assists Weld County IT with keeping capital and operational expenses lower, while still providing a highly available and robust network and server environment. Consolidating network and voice services allows the County to leverage investments into core network technologies and provides a more robust and functional County phone system. Implement advanced features that will optimize call centers for Human Services, Information Technology and other County offices and departments. Providing a comprehensive application portfolio Information Technology Strategic Plan January 22 Domain 4 - Budget and Cost Control Leading with responsive, innovative and cost-effective services is a core value of the County. IT is an important part of this value and focusing on cost control, cost reduction and budget transparency is an important part of our mission. This should be done internal to IT, but also focusing on other departments and offices technology to ensure we are investing in proven applications and hardware that integrate into the existing environment as well as achieving the business need. County Strategic Area of alignment— Public Safety, Health Service, Human Services, Transportation, Community and Economic Development, Enabling Strategies. Tactical Goal 4.1 Contract review associated to hardware, software and professional services is an iterative process within IT— reviewing agreements for potential issues and for ways to lower cost ensures accuracy of the services provided, but also allows a comprehensive review of the associated services to ensure they are still relevant for the business. Researching alternatives to typical maintenance models have the potential of lowering cost and simplifying the overall contract renewal process. Tactical Goal 4.2 Review the IT annual budget and the five-year IT Capital Improvement Plan — Develop a line -item annual budget for IT that provides transparency into the IT services provided to the County. Incorporate an annual review of the IT CIP to validate accuracy, cost and that the technologies referenced are still relevant to the County's business. Domain 5 — Human Resource / Talent Management Hiring and retaining quality IT team members enables higher levels of service and professionalism to County offices and departments. Creating a work environment that is open and communicative assists with the recruiting of qualified IT professionals. Implementing a flexible schedule allows for team members to achieve a work/life balance and ultimately expands the hours of support provided by IT to the County. Working within the County framework, develop a compensation plan for the IT department. Having a compensation plan provides team members the ability to plan and forecast their career path. This plan, along with investing in team member's professional development builds continuity and a consistent team knowledge base. County Strategic Area of alignment — Enabling Strategies Tactical Goal 5.1 Align technology, IT security awareness and services with professional development opportunities — to better support the needs of the County we must have a highly skilled and trained workforce. As technology advances, we must stay current with our skills and expertise. Information Technology Strategic Plan January 22 online submission form that will assist the County with the specific information and criteria that is needed to assess the overall project and value to the County and/or respective area. The process needs to align with the County's annual budget cycle, but also allow for the flexibility that technology projects must have. Detailed documentation and evaluation criteria will be provided to the County to ensure transparency with the process. Criteria will be weighted accordingly and provided to the County for review. Domain 7 — Mobility Anytime / anywhere computing is a requirement for all technology enabled organizations. The ability to have a mobile workforce is critical in today's world along with providing a mobile friendly technology environment that is functional across all types of mobile devices and operating systems. County department and offices have the need to move seamlessly from office, to the field, to home and beyond. This mobility needs to be done in a secure and functional way that is fully supported by the IT department and the associated application vendors the County uses to perform its specific functions. County Strategic Area of alignment — Enabling Strategies Tactical Goal 7.1 Create an IT mobility roadmap - that includes an application alignment matrix so that the preferred device is deployed for the appropriate job function. Update IT inventory and identify device refresh for mobile phones and tablet devices. Continue to research the potential benefits of a County BYOD model. Review security of the mobile environment to ensure compliance with County code and acceptable use. Tactical Goal 7.2 Implement a remote access portal that will allow for connectivity from County owned and non - County owned devices — configure a remote access portal that will allow County employees to work from anywhere they have internet connectivity. Enterprise applications will be made accessible if the connected device has the appropriate security patches and anti -virus updates. The ability to perform a "host" check prior to authenticating is critical to the security of the County network and enterprise applications. Domain 8 — Disaster Recovery and Business Continuity Information Technology provides the foundation for many of the County's critical services. Disaster recovery and business continuity planning are a part of every successful organization. Determining mission critical IT services is a collaborative process and involves all departments and offices within the County. We must be able to communicate, process critical County functions such as payroll, and deliver services to the citizens of Weld County during disasters. The ability to recover critical services is dependent upon hardware, software and key personnel. An environment that is geographically located far enough from the County is ideal, Information Technology Strategic Plan January 22 Tactical Goal 9.3 Support emergency planning, response, and recoveryThe County will continue to improve GIS data and services to support disaster response and recovery through the implementation of resources that facilitate the rapid production and operational use of Geographic Data. These resources will leverage a balance of technologies to maximize operational availability regardless of the type of event that may occur. Domain 10 — Public Safety Information Technology (PSIT) Public Safety Information Technology focuses on providing a robust, stable, and secure computing environment for all the county agencies that utilize the enterprise applications, systems and networks provided for supporting the public safety agencies within Weld County. County Strategic Area of alignment— Public Safety, Health Service, Human Services, Transportation, Community and Economic Development, Enabling Strategies. Tactical Goal 10.1 Develop a consolidated reporting and business intelligence model — Historical data sources need to be reviewed, inventoried and consolidated for access. The repository should be secure, follow all data custody rules and regulations and be accessible to the appropriate data stewards. Tactical Goal 10.2 Develop a 5 -year public safety IT capital improvement plan — Identify key network and system components that will be refreshed and/or replaced within the next 5 years. Public safety infrastructure is critical to the safety of the citizens of Weld County and the foundational elements of the applications must be reliable, redundant, and secure. Tactical Goal 10.3 Focus on business process improvement with the enterprise public safety system —Work with key stakeholders to continue to leverage the investment in the public safety system so that the system meets current and future expectations. Continue to leverage the business process analysis model for constant review and improvements. Information Technology Strategic Plan January 22 Complete Portfolio - Project Status as of September 30, 2022 Current Projects 81 Completed Projects 41 Effort & Budget by Department Project Actual Approved Department Count Hours Budget Clerk to the Board Communications/Dispatch Facilities Fleet Services Human Resources 19 313 3490 $0.00 Approved Budget $10,346,852 Budget Spent $5,844,493 $680,000.00 $12,000.00 $0.00 $0.00 Budget Remaining $0.00 $463,661.61 $12,000.00 $0.00 $0.00 Project Status Budget Remaining $4,502,359 Project Health Actual Hours 40,124 IT IT - GIS Office of Emergency Management Oil & Gas Planning - Planning & Zoning Planning Department Public Safety Public Works Social Services Treasurer Weld 28 10 14 88 60 703 716 1908 16058 $2,077,498.65 $0.00 $0.00 $0.00 $0.00 $0.00 $477,800.00 $43,800.00 $75,000.00 $12,000.00 $5,082,472.59 $1,143,293.40 $0.00 $0.00 $0.00 $0.00 $0.00 $189,215.09 $29,167.47 $36,712.50 $12,000.00 $2,441,958.75 19 _ 10 al completed !W In Progress Not started Li On Hold mien Plan is Needs a MI Off Plan S?IF 131.an knTvPl5 Top IssueIssue Count Budget 1 Resource Schedule 11 Commissioner Mike Freeman - Project Status as of September 30, 2022 (far the Departments that you coordinate) legend - Healm Green (On Plan)...iF within budget, within one week of schedule, resources available [o complete protect, scone aspldnnetl Yellow (Needs At[endon)...if within 10% of butlye[ OR between 1-4 weeks behind schedule OR minor resource styes OR minor smDe changes Red (Off e'ar.)._ rf greater than 10% of budge[ Ora greater than 4 weeks behind >Uedule OR resources no[ available OR moor scope changes Current Projects Not :farted On Hold Project Name Ptanrred Welq Revised Prefect Top Approved Budge[ Budget Budget Actual Complete Finish Finish H�Ith issue Budget Remaining Year - Cycle Hours PS -1375 2022 ProNre NetMotion Licenses 0% 12/31/22 Dn Pldn `?? $17,000 $17,000 2022 On Lytle WEL.2888PA- County Contract Approval/Management easiness 0% 12/31/22 - DitPla)r . D 0 2022 On Cycle 7-1355 2022 Data Domain - DR SITE 90% 9/1/22 11/15/22 .,-�n P)a ; $250,515 0 2022 - • Or Cycle 54 1--1358 2022 Compute 5% 9/30/22 $230,000 $230,000 2022 Or Cycle 24 IT -1361 2022 vCRFL Network 25% 8/30/23 µ OPiar) $20,000 $13,655 2022 On Cycle 1,1366 2022 Won NAS Storage 25% 8/31/22 11/15/22 . ,, a :' li scnedule $110,000 $19,179 2022 On Cycle IT -1447 2023 Network Commcnirations - Building New. Switches 5% 9/29/23 '; �OgP�ar)" y:l $262,361 $262,361 2023 Off Cycle 17-560 Disaster Recovery Business Continuity Planning Phase CL 25% 12/31/23 �',(ttEld.'p 0 0 2017 On Cycle 680 li^ WE10.1383 2022 Microsoft Anwem al Agreement � 1% 12131/22 3967,671 $20,418 2022 On Cycle Yde Completed Projects Project Name HEA-1253 Death Certificate Scanning Project HEP-1337 2022 COmmun./ Health Survey 1T-1216 Data Center- Compute 1T-1248 Managed File Transfer (MET) Conversion IT -1250 Protegee% Upgrade IT -1287 35th Ave Widening IT -1290 Cyber Recovery for Ransomware (Air Gap) IT -1295 IT Migrate RSA to Cloud MFA 1T-1299 'Payment Migration to Cloud 1T-1305 Upgrade TMA IT -1311 Streamline Assessor Datamad and Portal Data Proress 1T-1312 RTA System Upgrade IT -1322 Upgrade and Migration of Tyler C8R database IT -1323 Upgrade and Migration of Tyler Treasurer database IT -1362 2022 UPS IT -1365 2022 Certificates 1,1381 Judicial Carpeting B Qbling 1T-1440 Crowd5tike Antivirus Trial IT -794 Trader Replacement / Change Management Solutions IT -887 Decommission of 2008 OS. PS -1095 2020 Data Center - Server NSX Firewall and IPS PS -1231 Data Center - System Log PS -1233 Network Communications - Public Safety Network Switches PS -1376 2022 Procure RSA Tokens and Licenses PS•713 Alchemy Data Migration WELD -1125 Improve Act. Citizen Access (ACA) usability and Functionality WELD -1134 Tracking Red Lining process work.in Accela WELD -1292 IE 11 to Microsoft Edge Upgrade WELD -1387 2022 Adobe Creative Cloud WELD -1395 2022 Employee Resident Report Processing Approved Budget Budget Spent Budget Remaining Budget Year Budget Cycle Completion Date Actual Hours $25,000 $4,860 $20,140 2022 On Cycle 9/7/22 0 2022 On Cycle /10(22 $409,076 $406,637 $2,439 2021 On Cycle 8/23/22 0 0 2021 Off Cycle 7/29/22 0 0 0 2021 Off Cycle 9/27/22 $94,210 $94,210 0 2021 Off Cycle 1/21/22 $670,000 $606,312 $63,688 2021 Off Cycle 6/29122 $3,000 $3,600 ($600) 2021 Off Cycle 8/31/22 $38,800 $33,248 $5,552 ' 2021 Off Cycle 5/31/22 0 7 0 2022 On Cyr. 6/29/22 0 0 0 2021 Off Cycle 4/26/22 0 0 0 2022 On Cycle 3/29/22 $10,000 0 $10,000 2022 On Cycle 8/9/22 $10,000 0 $10,000 2022 On Cycle 7/19/22 $15,000 58,625 $6,375 2022 On Cycle 9/21/22 $2,000 0 $2,000 2022 On Cycle 4/26/22 C 0 0 2022 Off Cycle 6/28/22 0 0 0 2022 Off Cycle 9/2/22 $50,000 $43,500 $6,500 2019 On Cycle 2/11/22 0 0 2018 OffCycle 6/2/22 $10,000 $10,000 0 2020 On Cycle 5/12/22 $15,000 0 $15,000 2021 On Cycle 1/14122 $80,000 $80,495 ($495) 2021 On Cycle 6)29/22 $11;000 0 $11,000 2022 On Cycle 6/29/22 tl 0 0 2017 Off Cycle 7/29/22 $141,481 $141,369 $112 2020 Off Cycle 8/9/22 $96,405 $96,405 0 2020 Off Cycle 4/8/22 0 0 2021 Off Cycle 6/28/22 $112,000 $111,368 $632 2022 On Cycle 2/10/22 0 0 0 2022 Off Cycle 7/26/22 34 76 324 1,281 189 86 1,232 142 303 170 208 86 51 25 71 4 65 35 1,282 1,479 80 38 0 1L 3,482 1,549 23 0 88 Newsletters Webinars Events Magazine Papers Special: Al Civic Cloud Cybersecurity NHS Industry K-12 Local Network CIVIC INNOVATION Why a Colorado Government Shifted Its Website to .Gov Domain Weld County, Colo., officials this month took a new action to improve the county's cybersecurity as it shifted to a .gov domain name, according to a news release from county leadership. October 13, 2022 • Trevor Reid, Greeley Tribune (TNS) — Weld County officials this month took action to improve the county's cybersecurity as it shifted to a .gov domain name. ;.,... e county's website is now hosted at weld.gov, as of Oct. 5, though the public can still h ttps://www. g ovtech. com/civic/why-a-Colorado-government-shifted-its-website-to-gov-dom a i n 1/6 used a .com domain because the .gov domain was expensive to purchase and somewhat complicated to obtain. In 2021, the domains were made available at no cost to qualifying organizations, following the .gov domain's shift from the U.S. General Services Administration to the Cybersecurity and Infrastructure Security Agency. "Over the years, as technology has improved and increased in our daily use, people looking to commit online fraud have become more sophisticated," Rose said in the release. "Government at all levels understand the importance of keeping their systems and information safe, and this is just one more way Weld County is doing just that" ADVERTSEMENT The move to weld.gov comes during Cybersecurity Awareness Month and follows a number of cyberattacks on government websites. The day of the move, the Colorado state government's homepage, colorado.gov, was taken down due to a cyberattack. In Frederick officials announced they were investigating allegations that hackers https://www.govtech.com/civic/why-a-colorado-government-shifted-its-website-to-gov-domain 3/6 r PRIORITIES AND BEST PRACTICES !'1= XCHANGE Fighting cyberattacks in local government has become even more difficult in recent months due to attacks such as the SolarWinds breach and Microsoft Exchange (email) exploit, as well as the current pandemic environment and resulting increases in cloud adoption and remote work. These recent events coupled with the rise in ransomware, IoT devices and user credential harvesting, are raising the security bar for what counties need to implement and what they should be doing with end users as it pertains to cyber security. The National Association of Counties through the NACo Telecommunications and Technology Policy Steering Committee established the following priorities: Funding assistance in any form deemed necessary to provide forthe information technology resources required to adequately provide security at all levels; Funding assistance for basic security awareness training of employees and advanced security training for information technology professionals within local government including assistance in the completion of advance certification and degree programs; Cooperative efforts in information sharing among all federal, state, and local governments in addition to private sector organizations regarding breaches, potential threats, threat levels, and any techniques that would assist in the prevention or mitigation of cyber related threats; Collaborative efforts in the form of committees or task forces that are inclusive of local government membership with federal agencies such as the Department of Homeland Security and subprograms such as NCC, US-CERT, and ICS-CERT; Creation of programs and initiatives that designate local government Cybersecurity liaisons and/or representatives that serve in conjunction with federal agencies such as the Department of Homeland Security Further, in working with the NACo Tech Xchange, as well as national resources and other county IT leadership, it has become apparent how important funding and related resources are needed by counties. This is especially evident in the small to mid -size counties, who face the greatest challenges with implementing and maintaining cyber best practices. Specifically, the following are best practices that are the most important for county cyber needs that exist today to address the increasing onslaught of Cyber Attacks. Cost Cyber Defense Impact Workload Effort The icons represent the percentage of cost, impact on cyber defenses and workload effort needed to implement the priority. The more complete the outer circle of the icon is, the higher the percentage of cost, impactor workload, but also is dependent on current county circumstances. MFA (Multi -Factor Authentication) It is a proven fact that multi -factor authentication significantly decreases the amount of successful cyber-attacks on a county. Depending on the main technology platform that a county has implementedfor end user authentication, will determine the cost, as well as time and resources needed. And let us not forget the education with end users. MFA solutions alone can run into hundreds of thousands of dollars, depending on the size of the county. DMARC (Domain -based DMARC is an email authentication protocol. The percentage of local government Message Authentication, implementing this security feature is on the low side. The main cost associated with DMARC is hiring the resource to handle implementation of the feature on a county's Reporting and Conformance) existing infrastructure or training current IT staff to do so. S Cyber Security Priorities and Best Practices National Association of Counties NACU I Page 1 End User Education End User Protection MS-ISAC membership Policies More counties are seeing the benefits in implementing a COTS solution for phishing tests and then follow-up end user education. Both of those efforts involve time, but more importantly funding to address. An average size county of 200 employees would cost $5,000 or more depending on the modules included. Further, counties should be participating in cybersimulations and tabletops on a regular basis. Depending on the provider, this cost can range from $900 per person or $5000 per event, neither of which is affordable even for mid -size counties. With the prospect of many county employees continuing to work remotely in some fashion, there is the need for increased end user device and access protection. This includes implementing the next generation of anti -virus, implementing automatic remote patching and other tools and software that will secure these endpoints devices. All of which involve increased expenses, both initial and on -going. The Multi -State Information Sharing and Analysis Center provides valuable security resources for counties. Initial membership is no -cost, with additional services available for cost. Given the significant no -cost benefits, every county should be a member. To date, less than one third of counties are members. This means that counties are missing out on security benefits such as vital alerts and notifications of exploits, patches and breaches. The challenge is that it takes time and resources to create marketing campaigns that will reach all counties. Conversations with a county explaining the benefits and getting a county signed up takes resources as well. It is imperative to have a stand-alone cybersecurity policy that at a minimum covers roles and responsibilities. Security incident policy, forms and procedures can also fall under this stand-alone policy. While many counties have the resources to create such a policy, smaller counties may need paid outside assistance to create. These eleven represent the county cybersecurity needs for 2021. More information can be provided by Hello