2021-2022 San Joaquin Civil Grand Jury Releases Report on Cyber Security in San Joaquin County

Stockton, CA —  On June 20, 2022, the San Joaquin County 2021-2022 Civil Grand Jury released its report investigating cybersecurity in San Joaquin County.  Cities and local  governments store sensitive information digitally making them vulnerable to cyberattacks and data breaches that can be disruptive to essential service systems.

In its investigation, the Grand Jury sought to understand the cybersecurity landscape and local governments’ management of their cybersecurity risks and vulnerabilities. Through research of relevant materials and guidance from information system experts, the Grand Jury was able to provide a framework for evaluating the current state of security and disaster preparedness of the Information Technology systems of San Joaquin County and the seven incorporated cities within the county.

The Grand Jury surveyed San Joaquin County IT department heads and the City Manager or City Administrator of each of the seven cities in the county, and interviewed several  other recognized IT experts, to develop nine defined expectations for adequate cybersecurity ranging from organizational charts to cyber event insurance and ransomware policies. Each agency was then evaluated and the results were tabulated to indicate whether an agency met, did not meet, or was in the process of meeting the nine defined expectations.

In this investigation, the Grand Jury found San Joaquin County to be a model agency in the realm of information technology and maintenance of cybersecurity and learned from cybersecurity experts that three key elements lead to maximum agency cybersecurity:

•    A dedicated information security position within each organization.

•    A “seat at the table” with other agency department heads in regular meetings.

•    A rigorous employee education and training program in cybersecurity matters.

The public is encouraged to read the complete report by visiting the Grand Jury’s website.