“You hear people talk about disaster recovery. You hear people talk about business continuity. During those phases you look at what your critical applications are, and you rank them. And so you go through a process, and you look at, ‘hey, what poses the most risk, if accessed?’” said Gary Brantley, chief information officer for Atlanta, speaking during a city-produced “video special report” offering an update on recovery from the March 2018 cyberattack.
The ransomware attack widely affected city operations and abruptly thrust Atlanta back to the days when police officers filed handwritten reports and residents paid water bills by mailing in a check. Even the Wi-Fi signal at Hartsfield-Jackson International Airport — the busiest in the world — was knocked out.
CIO Special Report Final City Of Atlanta from City of Atlanta on Vimeo.
“What we focused on more recently was getting back to operational basics,” Brantley remarked. “We are now trying to establish a blueprint for other cities and government agencies across the country. How do you recover, in a way that doesn’t affect operations? How do you set up your infrastructure and your architecture in a way that doesn’t allow the city to suffer?”
Atlanta receives about 1,000 cyberattacks a day, according to the CIO.
“They’re coming constantly. They’re coming from all over the country. It’s constant. It’s almost minute-by-minute, second-by-second,” he said. “You have to have eyes on your infrastructure, constantly. You have to have a security strategy around everything that you introduce into your environment.”
Other safeguards the city has taken include moving more IT and data operations to cloud-based platforms.
“I think the mayor has really done an outstanding job of making some good moves. She’s focused on collaboration, but also putting money into the infrastructure,” said Brantley. “We’ve done a great job so far, and I am extremely confident about the direction that we’re going.”
