The Utah County Commission approved item 6 on Sept. 17, which sets out staff procedures for handling cybersecurity incidents and interdepartmental communication about those incidents. County staff told commissioners the policy is intended to enable routine handling of minor issues within departments while ensuring more severe incidents are escalated to executive leadership.

County IT staff said a sizable portion of login attempts and attacks originate outside the United States, frequently routed through VPNs, and that known source regions include Eastern Europe, China and Iran. Staff estimated roughly 30% of attacks originate in Eastern Europe and another 20–30% come from China, while stressing they could not produce an exact number for all incidents.

Discussion focused on when staff should alert commissioners. Staff said the policy is designed so that IT would coordinate with the county attorney and other senior staff to decide whether an incident merits raising to the commission. Commissioners said they expected prompt notice for severe incidents.

Action taken: a motion to approve item 6 carried by voice vote. The record shows commissioners approved the procedural approach and will receive escalations for incidents judged severe by staff and counsel.

No specific new security funding or thresholds were adopted at the meeting; staff retained discretion to work with county leadership to determine notification to the commission.