Case Study: Jefferson County, Idaho
Third-Party Validation Threat Assessment Leads To Enhanced Cybersecurity Protections
Less than 100 miles west of Yellowstone National Park, Jefferson County, Idaho, offers scenic views and unparalleled wildlife sightseeing at either the Camas National Wildlife Refuge or Mud Lake Wildlife Management Area. The county seat, Rigby, is famous as the home of Philo Farnsworth, inventor of the first television system including both a TV receiver and camera. The region was originally founded in the mid-1800s by pioneers trekking the Old West.
Jefferson County IT Director, Garn Herrick, had recently completed a new next-generation firewall deployment combined with additional security features from his firewall vendor.
However, Garn knew that even the best-practice reactive measures offered by next-generation firewalls can no longer be assumed to provide comprehensive protection, given the size and scope of today’s cybersecurity attacks and the fact that organizations like Jefferson County now endure almost half of all attacks, far more than any other private or public sector organization.
Garn was aware of the report published by the International City/County Management Association (ICMA) for state and local governments, entitled “A Look at Local Government Cybersecurity in 2020”, which directed small governments to better protect sensitive personally identifiable information stored on their networks.
He also knew about the alarming growth, beginning in 2020, of cybersecurity attacks targeting small county and municipal government networks. That growth drove the Cybersecurity and Infrastructure Security Agency (CISA) to publish its Cybersecurity Performance Goals (CPGs), which recommend a variety of third-party validations available to public and private sector organizations at no cost.
The next task on Garn’s cybersecurity action plan was to align with recent guidance from CISA on third-party validations as a method of identifying any potential gaps in cybersecurity protections through penetration tests, risk assessments, and vulnerability scans.
Like many IT professionals, Garn understood that directives from both CISA and ICMA are critical to follow, but also that the size and budget constraints of organizations like Jefferson County greatly impact their ability to prevent attacks.
As Garn began his search for third-party validations, he encountered Trinsio, a technology solutions provider that offers low- and no-cost options designed to empower IT departments with tools to protect their networks and data.
A threat assessment from Trinsio identified that a large percentage of the inbound and outbound traffic to and from Jefferson County’s firewall was actually malicious in nature. This data aligned with the majority of similar threat assessments performed by Trinsio for smaller county or municipal governments, further reinforcing the threats reported on by CISA, ICMA, and other similar groups. The data made it evident that the consensus across the cybersecurity community is correct: simply deploying a next-generation firewall is no longer enough protection.
A firewall remains a critical part of network security, but its approach to dealing with threats is reactive. When paired with a proactive Active Defense with Real-time Threat Intelligence solution, it offers a new level of cybersecurity protection for any network.
“Even with the peace of mind that came from my next-gen firewall deployment, I knew that my county’s network may not be fully protected (especially from outbound traffic that typically isn’t dealt with at the firewall level). Trinsio’s free threat assessment really opened my eyes to the large number of both incoming and outgoing threats our network was getting exposed to. I told Trinsio about my budget limitations, but they were able to quickly design and deploy an affordable, proactive solution that sits in front of my firewall blocking millions of threats before they hit my network while also blocking potentially malicious outbound traffic at the same time.”
Garn Herrick
IT Director – Jefferson County
Trinsio’s Solution
Trinsio’s threat-blocking technology, powered by Threater’s Active Defense with Real-time Threat Intelligence, proactively protects against threats from every path in your network. Leveraging more than 50 world-class cyber intelligence feeds, Trinsio can inspect, block, and log every known threat trying to access your network.
Since Threater sits in front of the firewall, Jefferson County did not need to rip and replace any existing network gear, making the process quick, easy, and cost-effective. Millions of bad actors are now being actively blocked on a daily basis before traffic ever reaches Jefferson County’s firewall, providing Garn and county officials with an enhanced level of confidence in their security stack.
Results
- Millions of identified threats detected
- Significant reduction in time spent monitoring network traffic
- Implementation of blocklist containing millions of known bad actors
- Cost-effective solution that fit the county’s budget constraints and needs
- Active defense built on real-time threat intelligence
Challenges
- Searching for guidance on CISA-recommended third-party validation testing services
- Recent deployment of new next-gen firewall
- Small, rural county with limited budget
- Ideal target for cyber-attackers