How New Jersey's Courts Enhanced Cybersecurity Amid the Pandemic

Network visibility and user training are key to the court system’s approach.

Twitter

Your browser doesn’t support HTML5 audio

When trials and other court proceedings went remote earlier this year in response to the coronavirus pandemic, the New Jersey Courts system had to shift its approach to cybersecurity.

The centralized court system for the Garden State had 750 networks and about 50,000 devices before the pandemic, reports Government Technology.

Sajed Naseem, CISO for New Jersey Courts, says the court system has tackled cybersecurity threats from multiple angles. The system has focused on enhancing the visibility of devices on its networks and increasing cybersecurity training and awareness for users.

“There were additional threat reports that were speaking to Microsoft-related domains, clearly, because of the cloud [services] that were implemented. You had lots of Microsoft activities going on,” Naseem tells CyberScoop. There were increases in ransomware attempts and social engineering campaigns, he says.

“A lot of our time has been spent trying to provide the necessary training, especially related to phishing and social engineering, to our staff,” Naseem says.

Gaining Network Visibility Helps Boost Security

Gaining visibility into network activity is critical for any IT security team, Naseem notes. “As a security person, you cannot protect something you cannot see,” he says.

“Knowing where all your devices are is step No. 1, and this is, believe it or not, the major thing that organizations do struggle with,” he adds. The New Jersey Courts system had made progress on this front, Naseem says, and then was able to identify what kind of traffic was coming into the network and when.

This can be implemented through network access control technologies, Naseem notes. The next step the court system took was to classify different devices into buckets and make consistent policies for how each kind of device is allowed to interact with the network.

Naseem tells Government Technology that what keeps him up at night relates back to what he calls an “engineering problem.”

“To me, everything is about defining things in a big-picture format, then acting on it with an engineering mindset and then training the operational teams to be able to deal with it,” he says.

A key priority for Naseem is to “make sure that those actions by the operational teams are directly in line with the way that we’ve engineered the systems. Did the overnight operational teams know how to act on a particular engineering rule that we’ve created? We’ve seen so far that they know how to do that, but it’s an ongoing situation.”

Security Awareness Training Is Critical

In addition to gaining greater visibility into the court system’s network, Naseem has been working to enhance users’ security training, including IT staff.

“So without knowing where all your devices are you can’t protect it, right?” Naseem tells CyberScoop. “Without having the proper staff to look at the policies to look for any gaps, to be resilient and persistent in following different threats, is key.”

Naseem says his staff has cybersecurity awareness, but also has what he terms cybersecurity readiness and performance.

“To me, awareness is knowing something, and readiness and performance is having the right amount of knowledge and the right amount of training to be able to act on a problem,” he tells Government Technology. “We actually measured cybersecurity readiness and performance of our staff for many years beforehand. This is unique. We weren’t talking about it, but we wanted to know the knowledge, behavior and attitude of our employees. We measured that mathematically.”

“One of the steps we’ve been taking is looking at the high-profile users — someone who doesn’t have the right amount of knowledge about phishing — and asking, can we monitor them differently?” Naseem says. “Can we act on them differently?

More On Network Monitoring, Training, Security, Network Access Control,