The new year is bound to bring many new and exciting things to the public sector. One at new and, unfortunately, exciting thing that I am sure the new year will bring is an ever increasing threat from cyber attacks on Ohio counties. Effective mitigation of this threat can only start one way - guidance and effort right from the top of the entity. This brief extract form the attached document, THE CYBER SECURITY PLAYBOOK, highlights this: "Security breaches are no longer just possible. They are inevitable. That's because attackers' tactics change faster than security teams can adapt to them... While attackers have to succeed once, security teams must be right 100% of the time. That objective is unrealistic. But [appointing authorities] can help [entities] match their security posture to the risks they face". Although written for the private sector boards of directors, the information contaned is valid for all entities public or private. Please forward this attachement to all Boards, Elected Officials and Appointing Authorities for their consideration and action. The CORSA Model Cyber Policy and Cyber Best Practice documents are available to download at the CORSA website: www.corsa.org<http://www.corsa.org> James Hale, ARM-P, ARM-E Risk Control Consultant County Risk Sharing Authority 209 East State Street Columbus, OH 43215 614.246.1630 FAX 614.220.0209