As the “capital of Silicon Valley,” San Jose, California plays host to over a million residents and 85,000 businesses, as well as infrastructure spanning 180 square miles. Ransomware attacks are being felt all over the country, and municipalities have proven to be a “soft target” – that is, it is easy for hackers to identify weaknesses and attack.

San Jose took a serious look at this problem and created a dedicated cybersecurity office in late 2018. At the time, the U.S. tech hub was weak in cyber controls, lacked a security framework, and identified numerous other concerns that needed to be addressed.

In addition to its new cybersecurity office, San Jose now utilizes a NIST cybersecurity framework, CMMI security maturity model, NSA’s Defense-in-Depth information assurance concept of layering security protocols, follows NIST guidelines for the Internet of Things (IoT), and intelligence sharing.

San Jose follows a five-step procedure to analyze and improve security:

1. Identify assets, conduct risk assessments, and create a risk management strategy.
2. Protect those assets through awareness and training, data security, proper maintenance
   and access control, etc.
3. Detect anomalies and incidents.
4. Respond with the protocols you have planned and trained for, analyze the problem,
   mitigate damage, and improve the process wherever possible.
5. Recover by communicating and improving.

Moving forward, Peredo says that his team will focus on patching and upgrading legacy software and other cybersecurity support. A major part of this plan involves training staff and making security a part of everyday habits.

“It doesn’t matter how many layers of technology you put in place and how robust your cybersecurity implementation is if you have a user that clicks in the wrong place and gets you compromised,” says Peredo.