How Virginia Is Staying Ahead of Cyberthreats
As Northern Virginia district operations systems manager with the Virginia Department of Transportation, John Kornhiser leads an IT team tasked with a very specific mission.
“We support the technologies needed to keep traffic moving on the roadway,” Kornhiser says.
Key to that work is a custom application that integrates and processes data gathered from every corner of the district. Data from traffic video cameras, highway message boards and emergency services dispatch feeds all comes together in the traffic management system the team operates out of its VDOT office.
About five years ago, cybersecurity became “a huge focus” for the agency, Kornhiser says. A ransomware attack had seized the traffic management system in neighboring Washington, D.C., and VDOT realized that it wouldn’t be long before cybercriminals turned their attention toward its department.
“One of the first things we decided to do was improve security around the way that we gave employees and contractors remote access to VDOT resources,” Kornhiser says.
DIVE DEEPER: How New York is working toward a single, verified login.
With that in mind, Kornhiser’s team shopped around and eventually settled on a Cisco solution called Duo. With Duo, VDOT’s traffic management system is protected because it sits within a zero-trust security environment, Kornhiser says.
Duo is a single sign-on tool that relies on multifactor authentication and, in this case, sits atop the Cisco AnyConnect service. The Software as a Service technology thwarts cybersecurity threats by verifying users’ identities before they can touch VDOT’s systems.
“You have a username and password, but then you also have a secondary form of authentication that comes in the form of a randomly generated code,” Kornhiser says.
Created instantly at sign-in, the code is delivered to another device or account previously confirmed as being under the user’s control. “Even if the hackers know your password, they’re not getting anywhere without that additional authentication,” Kornhiser says.
VDOT’s system has remained safe since the agency’s Duo deployment. In fact, Kornhiser says, the solution has been so successful that it’s now being used across all five VDOT regions.