
Cybersecurity Use Case: San Jose
A 5-Step Procedure Used to Analyze and Improve Cybersecurity in the City

As the “capital of Silicon Valley,” San Jose, California plays host to over a million residents and 85,000 businesses, as well as infrastructure spanning 180 square miles. Ransomware attacks are being felt all over the country, and municipalities have proven to be a “soft target” – that is, it is easy for hackers to identify weaknesses and attack.
San Jose took a serious look at this problem and created a dedicated cybersecurity office in late 2018. At the time, the U.S. tech hub was weak in cyber controls, lacked a security framework, and identified numerous other concerns that needed to be addressed.
In addition to its new cybersecurity office, San Jose now utilizes a NIST cybersecurity framework, CMMI security maturity model, NSA’s Defense-in-Depth information assurance concept of layering security protocols, follows NIST guidelines for the Internet of Things (IoT), and intelligence sharing.
San Jose follows a five-step procedure to analyze and improve security:
- Identify assets, conduct risk assessments, and create a risk management strategy.
- Protect those assets through awareness and training, data security, proper maintenance
and access control, etc. - Detect anomalies and incidents.
- Respond with the protocols you have planned and trained for, analyze the problem,
mitigate damage, and improve the process wherever possible. - Recover by communicating and improving.
Moving forward, Peredo says that his team will focus on patching and upgrading legacy software and other cybersecurity support. A major part of this plan involves training staff and making security a part of everyday habits.
“It doesn’t matter how many layers of technology you put in place and how robust your cybersecurity implementation is if you have a user that clicks in the wrong place and gets you compromised,” says Peredo.