IT Security

Our Mission

To Serve with Excellence, Lead through Innovation, and use Technology to make a Positive Difference in Chattanooga

Our Vision

To be the most technologically advanced city, by cultivating a collaborative environment where intentional actions drive innovative solutions, empowering our team and communities to be catalysts for positive change.

Responsibilities

Protecting Sensitive Data:

  • Ensuring the confidentiality, integrity, and availability of sensitive data, including personal information of citizens, financial records, and other critical data held by the city.
  • Implementing strong encryption, access controls, and secure data storage practices to prevent unauthorized access and data breaches.

Ensuring Continuity of Services:

  • Maintaining the availability and functionality of critical city services such as emergency response systems, public utilities, and communication networks.
  • Developing and regularly updating disaster recovery and business continuity plans to quickly restore services in the event of an incident.

Defending Against Cyber Attacks:

  • Defending against various types of cyber threats including malware, ransomware, phishing attacks, and denial-of-service (DoS) attacks.
  • Employing a multi-layered security approach that includes firewalls, intrusion detection/prevention systems, and regular security audits.

Compliance and Regulatory Requirements:

  • Adhering to local, state, and federal regulations regarding data protection and privacy, such as the General Data Protection Regulation (GDPR) or the Health Insurance Portability and Accountability Act (HIPAA).
  • Regularly reviewing and updating policies to ensure compliance with evolving legal requirements.

Educating and Training Employees:

  • Conducting regular training sessions for city employees to raise awareness about cybersecurity best practices, social engineering threats, and the importance of strong password policies.
  • Promoting a culture of security awareness throughout the organization.

Incident Response and Management:

  • Establishing a clear incident response plan that outlines the procedures for detecting, reporting, and responding to security incidents.
  • Regularly testing the incident response plan through drills and simulations to ensure readiness.

Securing Infrastructure and Networks:

  • Protecting the city's IT infrastructure, including servers, networks, and endpoints, from cyber threats.
  • Implementing network segmentation, secure configuration management, and regular vulnerability assessments to minimize security risks.

Vendor and Third-Party Management:

  • Ensuring that third-party vendors and contractors comply with the city's security standards.
  • Conducting regular security assessments of third-party services and systems to identify and mitigate potential risks.

The IT Security Team protects the city’s citizens, data, and employees by implementing PAIR:

  • Prevention

  • Awareness

  • Incident Response


PAIR is based on the NIST 800.53 and CSF 2.0 cyber security frameworks.

Leadership

AB
Allen Blaylock
Security Analyst
PF
Pat Finnegan
Security Analyst

Leave Us A Message

Indicates required field

Contact Us

IT Security