Skip to content

Denver Lacks Comprehensive Approach to Cybersecurity, Auditor Finds

Denver Lacks Comprehensive Approach to Cybersecurity, Auditor Finds
The city’s approach to cybersecurity risks is at best “informal,” according to Denver’s auditor. Mandatory training is often skipped and oversight of some facilities is lax.

Table of Contents

Denver's approach to cybersecurity risks is at best "informal," according to a new report by the city's auditor, Tim O'Brien. The report found that mandatory cybersecurity training is often skipped, and oversight of some facilities is lax. O'Brien is urging Denver Technology Services to overhaul its approach and create clear guidelines for how every wing of city government handles data and technology risks. The audit report cites officials with Denver County Court as specifically asserting that they have the legal authority to operate independently as the judicial branch of city government. The report also found that Denver's approach leaves the city more vulnerable to equipment failures, service disruptions, and cyber attacks. The city's chief information officer has accepted all seven recommendations in response to the report, and is committed to working across the city enterprise on continuous improvement of technology risk management strategies.

Source

Latest