Commission approves cybersecurity notification policy; staff to escalate serious incidents
Get AI-powered insights, summaries, and transcripts
Subscribe
Summary
The commission approved a cybersecurity-related item that formalizes staff communication and escalation procedures; staff told commissioners many attacks appear to originate overseas and that the county sees frequent login attempts from multiple regions.
The Utah County Commission approved item 6 on Sept. 17, which sets out staff procedures for handling cybersecurity incidents and interdepartmental communication about those incidents. County staff told commissioners the policy is intended to enable routine handling of minor issues within departments while ensuring more severe incidents are escalated to executive leadership.
County IT staff said a sizable portion of login attempts and attacks originate outside the United States, frequently routed through VPNs, and that known source regions include Eastern Europe, China and Iran. Staff estimated roughly 30% of attacks originate in Eastern Europe and another 20–30% come from China, while stressing they could not produce an exact number for all incidents.
Discussion focused on when staff should alert commissioners. Staff said the policy is designed so that IT would coordinate with the county attorney and other senior staff to decide whether an incident merits raising to the commission. Commissioners said they expected prompt notice for severe incidents.
Action taken: a motion to approve item 6 carried by voice vote. The record shows commissioners approved the procedural approach and will receive escalations for incidents judged severe by staff and counsel.
No specific new security funding or thresholds were adopted at the meeting; staff retained discretion to work with county leadership to determine notification to the commission.