Ransomware attacks are a growing threat to critical infrastructure across the nation as vital facilities connect more and more operational control and systems to the internet. Therefore, improved visibility across an organization’s IT infrastructure is critical in addressing today’s cyber risks.

Emanuele Innamorato, chief information officer at the New York City School Construction Authority (SCA), this week shared the agency’s progress in digitizing its construction business model of NYC public schools, and improving the visibility of infrastructure through new IT software to prevent cyber risks.

The SCA’s mission is to design and construct safe and environmentally sound public schools for children throughout the many communities of New York City. Innamorato said during a July 8 webinar organized by Government Technology that the SCA is building and modernizing while maintaining a high standard of excellence in safety, quality, and integrity.

The agency deals with about 1,600 buildings across New York City, and builds about 12 new facilities per year. To more efficiently meet the agency’s demands and contractors, SCA set out on a journey to digitize its entire infrastructure so employees can effectively do their job from anywhere and transmit information seamlessly between contractors, SCA employees, and the Board of Education.

“We deployed a new and improved network to contain critical information about all the school buildings in our network, from design to construction progress. Deploying this new, improved network was a critical factor in making sure that all information be available to those who need it, yet it remains secure,” said Innamorato.

Additionally, deploying this new network also helped the SCA get visibility into the types of systems, vehicles, and devices in their network, and their overall health and behavior. Before deploying this system, the agency was uncertain about how many devices were in their network. And for a while, they had no visibility into the two to four hundred temporary work site networks, each with between two and eight people working in them.

After deploying this new solution, the SCA collects information that provides them with proper visibility into who is attaching to their primary network and guest networks. They are also able to identify how long a device has been on that network.

That increased visibility has made SCA aware of up to 10,000 devices today, including all types of internet of things and transitory devices within their system. And this helped SCA understand areas of vulnerability within their network. The agency can also detect individual vulnerable devices that need to be updated to prevent cyber risks.

“We expanded our view and found out what was really on our network and what our workloads look like,” said Innamorato.

Read More About
Lisbeth Perez
Lisbeth Perez
Lisbeth Perez is a MeriTalk State and Local Staff Reporter covering the intersection of government and technology.