Episode 61 - Colorado State EM Director Mike Willis and CISO Debbi Blyth Discuss the Response to the Catastrophic 2018 CDOT Cyber Attack
Description
Summary
In this episode, Mike Willis and Debbi Blyth discuss a cyber attack on the Colorado Department of Transportation (CDOT) and the crisis management response to it. The attack occurred in February 2018 and affected CDOT's systems, including HR, payroll, contractor payment, variable message signs, toll collection, and more. The attack was initiated through a misconfigured virtual server in public cloud infrastructure, which allowed the attackers to gain access to the CDOT domain. The response involved collaboration between CDOT, the Colorado Office of Emergency Management, and the Colorado National Guard. The National Guard was mobilized through a state emergency declaration by Governor Hickenlooper. The conversation highlights the importance of collaboration and trust in crisis management. The establishment of a unified command and the use of incident management teams were key in coordinating the response. Nutrition and hydration were prioritized to ensure the well-being and performance of the response team. The joint information center played a crucial role in managing public and internal messaging. Emergency purchasing and tracking were supported by the Office of Emergency Management. Lessons from this incident can be applied to the corporate sector, emphasizing the need for cybersecurity and crisis management teams to work together.
Takeaways
The cyber attack on CDOT was initiated through a misconfigured virtual server in public cloud infrastructure.
The attack affected various systems and operations within CDOT, causing significant disruption.
The response involved collaboration between CDOT, the Colorado Office of Emergency Management, and the Colorado National Guard.
The National Guard was mobilized through a state emergency declaration by Governor Hickenlooper.
Collaboration and trust are foundational in crisis management.
Establishing a unified command and using incident management teams help coordinate the response.
Prioritizing nutrition and hydration improves the performance of the response team.
A joint information center is crucial for managing public and internal messaging.
Emergency purchasing and tracking are important for cost assessment and accountability.
Lessons from this incident can be applied to the corporate sector, emphasizing the need for collaboration between cybersecurity and crisis management teams.
Contact Information
Debbi Blyth
https://www.linkedin.com/in/deborah-blyth/
Mike Willis
https://www.linkedin.com/in/brigadier-general-ret-michael-willis-a8b49a37/