The URL can be used to link to this page

Home My WebLink About7, Authorization for IT Security Applications Manager ACTION ITEM #Security PositionConsideration of Adding a Cyber Security PositionConsideration of Adding a Cyber February 13, 2019 7 Consideration of Adding a Cyber Security Position$2.7 Million fine; exposed SCADA design–PG&E •NW Utilities SCADA accessed by Russia•Increased attack against critical infrastructure & government–2018 •Since 2010, increased attack surface•Increased threat of cyber attacks•enhanced decision making–Business Intelligence •reduced operational response–GIS •improved usage transparency–AMI •automation of commodity delivery–SCADA •Result: Improved efficiencies and reduced operational costs•Since 2010, District has heavily invested in technology•Technology Investments•BACKGROUND / HISTORY Consideration of Adding a Cyber Security Position Consideration of Adding a Cyber Security Position Need to ensure IT management continuation during IT Director absences•IT Director support•Maintaining network uptime as critical as cyber protection•Minimal work/life balance opportunity•cyber security trained or expertsnotExisting staff are•Only two staff manage network, includes IT Director•Currently maintain 30,000+ network devices•Staff Requirements•BACKGROUND / HISTORY Consideration of Adding a Cyber Security Position NEW INFORMATION managementof IT Master Plan; executive and board presentations, and vendor : Aid IT Director in planning budgets, continued development IT Manager•business software applications: Configure, administer, and support all VDI and Business Applications•thwart cyber attacks: Develop strategies, design systems, train staff in effort to Cyber Security•Primary Focus•Provide much needed skills in cyber security design and detection•DirectorIncrease efficiencies and backup capabilities for network admin and IT •level management structure in IT Department-Would fill mid•Position: IT Security & Applications Manager•Consideration of Adding a Cyber Security PositionConsideration of Adding a Cyber Security Position FISCAL IMPACT Over 500 open positions for Cyber Security Manager Nationwide•median of comparable salariesbelow2.82% •of comparable total compensationabove 75% 3.36% •75% of comparable salariesbelow11.23% ••$151,608-scales from $124,728 –Proposal: Range M46 •minimizing turnover in this critical positionIdentify a salary range that would attract & retain quality employees 3.-talent in a highIdentify a salary range that is attractive to recruit higher than average 2.Stay consistent with 2017 salary survey: 75% of total compensation1.depth analysis performed with multiple objectives:-In•Position Salary•Consideration of Adding a Cyber Security PositionConsideration of Adding a Cyber Security Position FISCAL IMPACT-Will delay some current IT capital projects to 2020•funded capital budget-•Funding•Consideration of Adding a Cyber Security PositionConsideration of Adding a Cyber Security Position RECOMMENDATION$151,608-$124,728 range of Security & Applications Manager to be Range M46, with a salary Authorize the General Manager to set a salary range for the IT 2.Department, reporting to the IT DirectorSecurity & Applications Manager, within the Information Technology Authorize the General Manager, to create and hire a position titled IT 1.Consideration of Adding a Cyber Security PositionConsideration of Adding a Cyber Security Position