conejota - Fotolia

Cybersecurity and resilience tips from the city of Atlanta CIO

Gary Brantley, CIO of the city of Atlanta, spoke at the 2020 Gartner IT Symposium/Xpo Americas about how the city's IT department rebounded after a 2018 ransomware attack.

Gary Brantley, CIO of the city of Atlanta, took over the municipal IT department six months after the city suffered a ransomware attack that publicly exposed some big gaps within its technology environment.

The attack, which took place on March 22, 2018, locked key systems and had the effect of demoralizing the organization.

But for Brantley, it also became a rallying call to set the IT department on a new path -- a renewed focus on operational excellence that created a more resilient organization capable of handling everything from large-scale events such as the Super Bowl, to targeted cyberattack attempts, to a pandemic.

"We really wanted to focus on getting back to operational basics, that was our key thing," Brantley said, noting that the city refused to pay the hackers. "The focus was really to work to ensure a stable environment in the city of Atlanta and focus on coming out better. We were looking at investments for the future, and that's where our efforts went."

Speaking at the Gartner IT Symposium/Xpo Americas, Brantley described what executives must do to build cybersecurity and resilience and drive transformation to succeed now and through the changes that lie ahead.

The upcoming challenges are expected to be significant. In its "2020 CIO Agenda: Resilience During Disruption" guide, Gartner listed a possible economic downturn, growing trade wars and digital disruption as forces that could require fundamental shifts in how organizations operate in the near future.

Four pillars for success

Brantley said he created an IT organization capable of addressing both current needs and future scenarios by focusing on the following four pillars.

City of Atlanta's Gary BrantleyGary Brantley

Strengthen the core. "We wanted to stabilize the infrastructure inside of the city of Atlanta, we wanted to develop [and] implement IT standards, processes and procedures, and define an IT operating model with clear accountability," Brantley said.

Increased alignment. "We wanted to align delivery of services to the city of Atlanta by improving trust and engagement with our different departments," he noted. "We wanted to find common priorities with [those departments] and we wanted quick wins; we wanted to define enterprise standards and, at the same time, have a strategic plan in the works."

Innovate and accelerate. "We wanted to enhance the end-user experience," Brantley said, adding that to do that "we needed to continue to innovate and make sure we were accelerating at a decent pace."

Application modernization. "We wanted to focus on: What do we need to modernize, what do we need to invest in, [and] what do we need to retire and eliminate?" he said.

Brantley said he tied the following four focus areas into the pillars.

  1. operational improvement;
  2. strong infrastructure and security;
  3. business engagement and alignment; and
  4. talent capable of ensuring the organization is set up for the future.

Brantley and his team adopted the 5-5-5 concept to propel work forward -- a concept that had IT asking what it could tackle in five days, what it could do in five weeks and what could be completed in five months.

"You'd be surprised at what you can do in that amount of time if your focus is intentional," he said.

The takeaways

City of Atlanta CIO Gary Brantley and author of The Art of Organizational Transformation: 7 Steps to Impact & Influence, outlined the following critical elements for organizations undergoing digital transformation initiatives.

  1. Build a great culture.
  2. Improve relationships to enable success.
  3. Become a politician capable of navigating the office dynamics that exist in all organizations.
  4. Cultivate salesmanship and charisma, as CIOs must be able to sell their vision.
  5. Be intentional with a narrow focus; be intentional about what you take on.
  6. Leverage what is already available to you.
  7. Shape and control the narrative.

Testing out the new IT

Brantley's revamped IT department had an opportunity to test out -- and ultimately prove -- the value of its new cybersecurity and resilience approach in February 2019, when the NFL held the Super Bowl in Atlanta.

"This was an opportunity to not only galvanize our public and private partnerships to get them in line with what we were doing in the city and also to have conversations with them, but also a chance to show the entire world that the city of Atlanta has rebounded and will not have [another attack] happen while the whole world is watching," he said.

The Super Bowl, which brought more than 500,000 visitors to Atlanta, is classified as a high-risk event for cyber activity; it's labeled as SEAR 1 -- the highest rating -- by the Department of Homeland Security.

The major event provided Brantley with an opportunity to build new partnerships with regional agencies "to create centralized information and workflow around security efforts," he said.

Those new partnerships brought together professionals, who with the city, ran through various security scenarios that could play out during an event like the Super Bowl, helping the city to prepare and to build resiliency while also laying the groundwork for such cooperative work on a regular basis.

Additionally, the effort showed Brantley that, to successfully prepare for such events, it is critical to do the following when it comes to cybersecurity and resilience:

  1. engage security experts early;
  2. run through multi-agency tabletop exercises;
  3. have frequent and consistent communication;
  4. shut down major projects for a stretch of time to better focus on immediate needs; and
  5. ensure alignment across the leadership team.

"And [finally], ensure your enterprise risk assessment is complete and that you're focusing on it and that it is something you're very intentional about cleaning up. If you have issues that you know about, it's very important that you take the opportunity and time to clean them up," he said.

Additional steps toward building organizational resilience

Brantley also cited his creation of the Atlanta CIO Advisory Board as instrumental to the IT department's current success as it enabled a cross-functional, strategic collaboration among thought leaders and industry professionals from both the private and public sectors.

"Don't be afraid to ask for help. We knew we couldn't do this alone. And it has proved to be very advantageous for us," he said. "We wanted forethought, we wanted innovative practices, we wanted collaboration and investment opportunity. This board has provided a pathway for that to happen."

During the presentation, Brantley discussed how Atlanta was further tested in 2020. The COVID-19 pandemic accelerated the city's digital initiatives as city hall moved into more virtual operations. Later in the year came ramped-up cybercriminal activities happening simultaneously to civil unrest associated with the year's social justice movements.

But, two years after suffering a ransomware attack, the city of Atlanta and its IT team were prepared for what came their way, Brantley said, leaning on their increased agility and resiliency, improved communications abilities, operational excellence and solid business continuity and disaster recovery plans.

"Those were all areas that helped us get through these times," Brantley said. "We were able to look to see if what we were doing -- is it paying off? Are we holding up? And we absolutely did. The team, the city of Atlanta, we were able to keep our systems up and running."

Dig Deeper on CIO strategy