Regional Security Center prepares to counter cyberattacks on governments in the South African region


A partnership between the city of San Antonio and CPS Energy is set to open a $4.2 million center to protect the region from cybersecurity threats.

Located on the Port San Antonio campus, the Alamo Regional Security Operations Center was built to provide public and private partners with around-the-clock cybersecurity intelligence. It is expected to host crews from the city, CPS, San Antonio Water System and VIA Metropolitan Transit. Pending agreements, it will also serve municipal organizations and school districts.

Port San Antonio is set to host a launch event on Dec. 10, although it’s unclear when operations will begin.

The center opens its doors as cyberattacks against public and private entities increase.

In June, a cyberattack crippled the Judson Independent School District’s computer, phone, and email services. It took more than a month for authorities, including the Texas Department of Information Resources, to get the services back online. The district ended up paying nearly $550,000 to keep the sensitive information private.

San Antonio and CPS officials say they hope the operations center can help bolster regional internet infrastructure to prevent and respond to such attacks.

“Cybersecurity doesn’t stop at the lines drawn on maps,” said Patsy Boozer, the city’s chief security officer. “We believe that when our neighboring communities are protected, (San Antonio) is better protected.”

The concept of the regional center was born in 2017 when local cybersecurity officials began discussions to band together to provide defense for the city and mutual aid for regional municipalities. Last year, the San Antonio City Council approved a deal with Port San Antonio to lease 20,000 square feet of space rent-free for 15 years, with an option to renew after five years.

Will Garret, former director of cybersecurity at the San Antonio Chamber of Commerce, who is now vice president and director of cybersecurity development at Port San Antonio, said the city has “unique strengths, many of which are essential to national security”. For this reason, he said, there has been “a great deal of thought leadership” by city agencies and academic and private sector entities, many of which are customers of the port, to build systems to combat the internet threats.

Statewide Center

In a similar vein, the state of Texas beefed up its cybersecurity operations after a ransomware attack took over 22 city networks in 2019.

Governor Greg Abbott signed Senate Bill 475 into law in June, a bipartisan measure requiring the Department of Information Resources to establish policies to assist state agencies, cities, tax and assessment districts, water districts, ports and school districts on cybersecurity.

As in San Antonio, the State Department plans to build a regional operations center and enter into agreements with other entities. He also creates the Texas Volunteer Incident Response Team to respond to cybersecurity threats across the state.

Earlier this week, Nancy Rainosek, the state’s chief information officer, said “Ransomware has grown exponentially over the past three years and is not limited to the government or Texas.”

“It’s a global problem due to the prevalence of the internet and its integration into our daily lives and the increased sophistication of attackers,” she said. “Attackers make a business out of cyberattacks and get paid for their crimes.”

Currently, local municipalities are not required to report cyberattacks to the state. Only government agencies, institutions of higher education, and county election officials are required to report. A new state law requires the Texas Education Agency to create a system for school districts to anonymously share information about such attacks.

Since 2019, the state has said it is aware of at least 115 ransomware events that affected government organizations. There were 39 against independent school districts, 35 against cities, 16 against counties, 15 against state agencies and universities, and 10 against other local entities.

Rainosek said she hopes state and local efforts to build mirror operational centers will encourage open lines of communication. Boozer, the city’s chief security officer, said the city plans to share information with the state.

UTSA Login

The University of Texas at San Antonio is also playing a role in the new center.

Over the past five months Joe Mallen, Director of Cyber ​​Range at UTSA, has spoken with local leaders to provide training for security analysts who will staff the center, and a 2022 deal is in the works. finalization course. City officials also purchased an annual subscription to the Cyber ​​Range training platform.

Mallen likened the training center to “a firing range” — where trainees can experience a hands-on simulation of real-world cyberattack scenarios.

Boozer said the Cyber ​​Range curriculum contract would provide training to the city’s IT cybersecurity team and regional partners “to enhance skills for collective defense.”

Vic Malloy, a Cyber ​​Range instructor who consults with the nonprofit CyberTexas Foundation, said he applauds the collaboration.

The former National Security Agency chief information officer said cities like San Antonio “are definitely on the heat map because we have large healthcare and military communities.” To combat such attacks, the Cyber ​​Range can offer training “to reduce the time it takes to identify, respond to, and recover from future events.”

The training, he added, will offer staff at the new center the opportunity “to fail in a safe learning environment”.

“The place not to fail is in industry, education or government when an alert goes off and you miss that alert or an indication that it is an important incident that requires your attention. immediately,” he said. “It is better to fail in a learning environment than to fail in a mission.”

[email protected]


Comments are closed.