Los Angeles is famous for its warm weather and movie stars. But what may not be as well known is that it's also one of the largest targets for cyber attacks in the world.
The city's infrastructure in highways, water and power -- and all the data behind it -- supports 4 million residents in the nation's second largest city. The city also collects data about Los Angeles International Airport as well as about the largest shipping port in the western hemisphere, where 43% of imported goods enter the U.S. The city government is even responsible for data related to elections, including yesterday's national election.
It's not difficult to see the enormity of the city's security challenge, which includes protecting the personal data of city workers and residents.
Ted Ross, CIO for the city of Los Angeles, heads the city's Information Technology Agency, managing its $90 million annual budget and 450 IT workers.
"We receive a massive amount of automated cyber attacks every month, about 100 million," said L.A. CIO Ted Ross in an interview. Even so, "we've made tremendous improvements in cyber security in the last two years under Mayor Eric Garcetti's directive."
Ross heads up the Information Technology Agency, one of 38 city departments. The agency has a $90 million annual budget and employs 450 IT workers.
The most obvious security-related improvement was construction of a $1.8 million Integrated Security Operations Center, which opened in late 2015 in a location Ross wouldn't disclose. The ISOC consolidates threat intelligence from what previously was carried out in four different locations.
From that single ISOC location, working around-the-clock, eight cyber threat analysts on each shift monitor 240 million security-related daily logs from sensors and other endpoints located inside critical infrastructure. The ISOC consolidation has helped speed up threat response and coordination, according to IT executives.
"We get situational awareness from one single pane of glass," said Timothy Lee, chief information security officer for L.A. The system uses artificial intelligence to recognize attacks and which critical system is under attack. "We identify the source, how critical it is and how to restore the system."
Timothy Lee is chief information security officer for the city of Los Angeles.
Lee and Ross didn't want to divulge all the cyber security tools the city uses, but Lee said L.A. does rely on Amazon Web Services' GovCloud to share approaches with other governments and does business with FireEye, a company offering a wide array of cyber security products and services.
Sign up for CIO Asia eNewsletters.