ENTERPRISE — Two major technology purchases were approved Wednesday, June 1, by the Wallowa County Board of Commissioners — a cybersecurity system and a new telephone system.
Both systems were approved because the technology used is becoming outdated, said Stacey Fregulia, information technology director for the county.
Cybersecurity
Fregulia told the commissioners she recently went to an Oregon Government Information Technology conference, where representatives of counties and cities in the state go to learn more about vendors, security issues “and things that are happening in society today.”
She became familiar with a system called Darktrace. Drew Staudacher of Darktrace attended the commission meeting via Zoom, but deferred to Fregulia on her presentation.
Fregulia said that for more than a month, there has been a Darktrace device on the county network in a trial run testing everything. She said Darktrace has an artificial intelligence element built into it to monitor the traffic on every computer workstation, switches and all elements of the network to determine what is normal activity and what is not.
“When it goes outside its normal path, say, someone put a virus on your computer, if that all of a sudden spikes and is out of the normal processes of where it would normally send emails or have normal traffic to some other person’s IP (internet protocol) address in another country or another city or somewhere that’s outside of the normal scope of where it normally works in, it’ll shut it down,” she said.
Once Darktrace’s Antigena element shuts the system down, it flags whatever anomaly caused the shutdown and issues an alert so the system administrator can see what is happening and determine if the activity is acceptable or not.
During the trial run, Darktrace has detected a few anomalies.
“During that time, there has been a few things it has picked up that are out of normal, one being Dropbox because of the file sizing,” she said.
Dropbox has been flagged, though it didn’t shut the system down, she said.
“This only happens once or twice a month and I was able to say, ‘This is OK.’ But what if it was our finance department or IT department, it would say, ‘No, wait a minute. You guys don’t do this,’ and it would shut that down. It would flag it and you’d come back and look at the logs and see who did it,” Fregulia said.
She emphasized the importance of improving the cybersecurity of the county systems.
“This is another step into the cybersecurity infrastructure that will help the county, in a sense, because we can’t hire someone to come in and go through those logs and monitor them 24/7,” she said. “We just can’t afford it. This, however, cuts down the cost of bringing those cybersecurity/IT-type issues in and lets you see it.”
Fregulia said it would cost at least $80,000-$100,000 a year for an IT expert to monitor and protect the county’s computer systems.
“With that being said, Darktrace, where it’s just monitoring for a shutdown, is just $12,000 a year,” she said.
Adding the Antigena autonomous response element brings the total to $20,071 a year. That’s a 40% discount from the regular price the county can get if it approves Darktrace by June 15.
Commissioners Susan Roberts and John Hillock each said they’ve had trouble with Dropbox. Hillock said he’s had difficulty opening documents related to the East Moraine Forest Management Plan. He and Roberts both said they need to review the plan this week. Commissioner Todd Nash was not present June 1.
Fregulia said Dropbox should be workable and it may be a problem with the commissioners’ computers that she will look into.
When Hillock asked where the county will get the money to pay for Darktrace, Fregulia said it already was in her department’s budget, “just in case.”
The commissioners agreed the county needs the cybersecurity Darktrace offers and voted to approve the plan.
