IT Security Team reports 95000 thwarted cyber attempts in recent security review
May 09, 2025 | Environment & Energy, HOUSE OF REPRESENTATIVES, Committees, Legislative , Vermont
This article was created by AI summarizing key points discussed. AI makes mistakes, so for full details and context, please refer to the video of the full meeting. Please report any errors so we can fix them. Report an error »
The Vermont House Energy and Digital Infrastructure Committee convened on May 9, 2025, to discuss critical cybersecurity measures and updates within the state's digital infrastructure. The meeting focused on the ongoing efforts to enhance security protocols and protect sensitive information from potential threats.
The session began with a discussion on recent cybersecurity incidents, highlighting the vulnerabilities associated with open network shares. A representative noted that while these shares facilitate quick data exchange, they also pose significant risks by allowing malicious entities to traverse networks. In response to these challenges, the committee emphasized the importance of proactive measures, including the shutdown of certain information shares and the implementation of automatic alerts to detect unauthorized access attempts.
The representative provided metrics indicating that over the past 70 days, the organization had successfully blocked more than 95,000 attempts to access known malicious IP addresses. This included 36 outbound blocks, underscoring the need for robust network security, especially given the state's extensive public footprint.
The committee also discussed the transition towards a "zero trust" security model, which limits access based on individual roles and requires continuous verification. This approach aims to minimize risks by ensuring that users have only the necessary access to perform their duties. The representative highlighted the importance of multifactor authentication (MFA), noting a current adoption rate of 43% among legislators, and urged further enrollment efforts to enhance overall security.
In addressing the challenges of MFA adoption, the committee acknowledged the resistance from some long-serving legislators to new technologies. Strategies to improve compliance were discussed, including the potential for more direct notifications and assistance from IT staff to facilitate the enrollment process.
The meeting concluded with a review of the organization's phishing simulation success rate, which has improved to a 95% success rate over the past three years. This reflects a growing awareness among staff regarding cybersecurity threats and the importance of vigilance in reporting suspicious activities.
Overall, the meeting underscored the committee's commitment to strengthening Vermont's cybersecurity framework and ensuring that all members are equipped with the necessary tools to protect sensitive information. The ongoing efforts to enhance security measures will continue to be a priority as the state navigates the complexities of digital infrastructure.
The session began with a discussion on recent cybersecurity incidents, highlighting the vulnerabilities associated with open network shares. A representative noted that while these shares facilitate quick data exchange, they also pose significant risks by allowing malicious entities to traverse networks. In response to these challenges, the committee emphasized the importance of proactive measures, including the shutdown of certain information shares and the implementation of automatic alerts to detect unauthorized access attempts.
The representative provided metrics indicating that over the past 70 days, the organization had successfully blocked more than 95,000 attempts to access known malicious IP addresses. This included 36 outbound blocks, underscoring the need for robust network security, especially given the state's extensive public footprint.
The committee also discussed the transition towards a "zero trust" security model, which limits access based on individual roles and requires continuous verification. This approach aims to minimize risks by ensuring that users have only the necessary access to perform their duties. The representative highlighted the importance of multifactor authentication (MFA), noting a current adoption rate of 43% among legislators, and urged further enrollment efforts to enhance overall security.
In addressing the challenges of MFA adoption, the committee acknowledged the resistance from some long-serving legislators to new technologies. Strategies to improve compliance were discussed, including the potential for more direct notifications and assistance from IT staff to facilitate the enrollment process.
The meeting concluded with a review of the organization's phishing simulation success rate, which has improved to a 95% success rate over the past three years. This reflects a growing awareness among staff regarding cybersecurity threats and the importance of vigilance in reporting suspicious activities.
Overall, the meeting underscored the committee's commitment to strengthening Vermont's cybersecurity framework and ensuring that all members are equipped with the necessary tools to protect sensitive information. The ongoing efforts to enhance security measures will continue to be a priority as the state navigates the complexities of digital infrastructure.
View full meeting
This article is based on a recent meeting—watch the full video and explore the complete transcript for deeper insights into the discussion.
View full meeting