South Carolina Hasn't Had a Cyber-Security Officer for a Year

November 28, 2012

The state of South Carolina. has gone about a year without a cyber security officer.

DOR Director Jim Etter, who has resigned but will remain as director until the end of the year said the agency’s $100,000 salary can’t compete with a private sector salary, says an AP report.

According to Senate hearing testimony into the massive data breach at the Department of Revenue (DOR), Etter says when his agency looked at encrypting data in 2006 it was decided it would cost $5 million and be “cost ineffective.” He said the Dept. of State Information Technology is now monitoring SCDOR 24/7, which makes system more secure, the report says.

Senators also heard testimony from Marshall Heilman, director of Mandiant, the private cyber security firm hired by DOR after the breach.

Heilman gave a report on what caused the breach, saying that a lack of encrypted data and a lack of multi-factor credentials caused the breach, says the report.

A DOR employee opened an email that most likely allowed the hacker to get the employee’s credentials, giving him access to the system, Heilman said.

Last month, South Carolina Gov. Nikki Haley disclosed that a foreign hacker had breached the Department of Revenue, potentially taking 3.8 million Social Security numbers, 3.3 million bank account numbers and information belonging to nearly 700,000 businesses.

This webinar will offer industry best practices to help your security team create or expand a sustainable program that aids in the fulfillment of your organization’s goals and objectives, while assisting your local agencies in fulfilling some of theirs as well — ultimately offering stronger security and response across both.

This year promises to build on the technological and business model innovations of last year, refine their value propositions, and play a key part for organizations who are navigating through covid-19 and planning for a post-Covid era.