County cybersecurity chief outlines staffing, framework and AI risks in posture update
Get AI-powered insights, summaries, and transcripts
Sign Up Free
Summary
The county’s cybersecurity administrator reported establishing a countywide cybersecurity framework, improvements to email security and policy updates, and warned of staff shortages and evolving AI risks; he proposed expanding awareness and partnerships.
Anthony DuBose, the county’s cybersecurity administrator, briefed the commission on the county’s cybersecurity posture, key accomplishments and risks. DuBose said he has established a countywide cybersecurity framework, strengthened email protections, updated security policies to cover cloud and AI concerns, and streamlined public-records (IPRA) processing.
DuBose told commissioners the information-security team is a single-person office with supporting partners and that staffing shortages and legacy systems limit the county’s ability to shift from reactive to proactive security. He reported the team had handled hundreds of security requests and ticket items this fiscal year and said the county observes automated scans and probing at a high rate.
DuBose recommended expanding security awareness training (including phishing and deep‑fake testing), growing incident-detection capabilities, enhancing partnerships with FBI InfraGard and CISA, and developing AI governance controls. Commissioners praised IT staff and emphasized the individual responsibility of county employees to avoid risky online behavior; commissioners asked for continued updates as staff expand capabilities and define key performance indicators for security operations.
DuBose outlined a milestone roadmap that includes a current-state assessment, adoption of a governance-risk-compliance (GRC) framework, standardizing security policies and launching an expanded awareness program. He said the county will prioritize modernizing infrastructure, improving detection and response, and aligning with federal AI guidance.