October is Cybersecurity Month; Technology Commission Addresses Branch Readiness

As October and Cybersecurity Month draw to a close, this is the perfect time to reflect on the work of the Florida Courts Technology Commission (FCTC). The FCTC was established by rule to oversee, manage, and direct the development and use of technology within the judicial branch under the direction of the Florida Supreme Court. Working in conjunction with the Appellate Court Technology Committee, one of the FCTC’s many responsibilities is to develop and maintain security policies to ensure the integrity and availability of court technology systems and related data.

Today, courts use digital and online technology for everything from communications and case management to e-filing and remote appearances. These technologies create efficiencies, produce data for assessments and transparency, offer enhanced access to all court users, and generally help the judicial branch to achieve its mission to protect rights and liberties, uphold and interpret the law, and provide for the peaceful resolution of disputes. Unfortunately, the benefits offered by greater use of technology come with exposure to a variety of cybersecurity threats.

To address the growing array of digital and online threats, the Florida Supreme Court adopted a report by the FCTC, which concluded that the technological infrastructure of Florida’s trial courts was encountering unprecedented cyber threats and that a robust approach to cybersecurity was critical for the judicial branch. As a result, the branch has been actively implementing the FCTC’s recommendations. An initial step was to work with the Florida Center for Cybersecurity to conduct a comprehensive cybersecurity needs assessment of the trial courts. That assessment informed a successful legislative budget request designed to help prevent cybersecurity events and ensure that the judicial branch will be able to respond to and recover from such events if they occur.

Cybersecurity planning for the judicial branch has shifted from circuit-based strategies to a branch-wide holistic approach. For example, the FCTC recommended, and the Supreme Court approved, a statewide template for responding to cybersecurity incidents. Additionally, the FCTC has developed a set of model security policies and is working on cybersecurity management guidelines. Most recently, the FCTC has formed a workgroup to recommend to the Supreme Court ways to enhance the court system’s cybersecurity posture based on lessons learned from cybersecurity events. The report is due in December.

The branch-wide efforts to secure the digital assets of the courts are critical to the overall functioning of the branch and the integrity of the data that the branch collects and uses, but each person is also a critical player when it comes to digital security. There are four simple steps that everyone can take to secure their digital assets.

1. Use strong passwords that are long, random, and unique. Or let a password manager do the work for you.
2. Enable multi-factor authentication wherever possible.
3. Recognize and report phishing attempts.
4. Update software whenever new releases come out.

By preparing for cybersecurity threats, having a plan to respond to cybersecurity events, and following some simple recommendations, we can all help to limit the impacts of online criminal activity and continue to enjoy the benefits of our connected services.