Cybersecurity Division
Founded in 2018, the Cybersecurity Division aims to prevent security incidents that have a significant impact on the County’s services or data. The division accomplishes this by working with ITS and other departments to implement security controls recommended by the Center for Internet Security. The division is split into a Security Operations team and a Security Compliance team.
Security Operations
The Security Operations team monitors County infrastructure for symptoms of cyberattack and contributes to the technical design and implementation of the County’s IT environment to reduce risk.
The team consists of two groups:
- Security Operations Center – A security operations center which leverages automation to continuously monitor the environment, triage potential incidents, and track vulnerabilities for remediation. This team is also responsible for gathering threat intelligence information and presenting it along with incident trends to the rest of the division to aid in risk management.
- Architecture and Engineering – Utilizes expertise in network, systems, cloud, and application security principles and is responsible for working with other teams to implement security throughout the system lifecycle. This group is also responsible for penetration testing (internal and external) to identify vulnerabilities and to test the monitoring capabilities of the SOC. The cooperation of these two teams will create a feedback loop of continuous improvement within the environment.
Security Compliance
The Security Compliance team is responsible for identifying and monitoring appropriate security controls for Gwinnett to implement to address regulatory requirements and industry best practices. This section consists of two primary functions:
- Compliance and Regulatory – This team is responsible for developing internal standards which describe how Gwinnett will meet industry best practices, County policies, and regulations such as PCI-DSS, HIPAA, and CJIS. They are also responsible for managing the ITS Standards Manual and the associated Standards Committee, which identifies and enforces standardized IT practices and requirements.
- Compliance Monitoring – The team also continuously reviews IT’s day-to-day activities to validate compliance with documented policies, standards, and procedures.