Diocese of San Diego
Cyber Security Task Force
• The Task Force was created to develop best practices after a major breach occurred at the Archdiocese of Seattle where their database with volunteer data was hacked.
• More recently a number of parishes have been attacked by aggressive ransomware wherein computers at a parish office were infected by a program that prevented any access to files or even use of their computers. The infection was followed by a message demanding a ransom in exchange for the key to unlock the program. Thanks to quick thinking by the Business Manager, the situation was managed effectively and long-term damage was avoided.
• Diocese of San Diego has insurance to help handle any cyber security threats and/or attacks such as those above. In fact, in the first example cited above, the Business Manager worked directly with the insurance carrier’s claim staff to help immediately diagnose and resolve the situation. The parish was able to recover their data and operate again in about half the time it would have taken them to do so on their own (if they were able to do so at all). The ransom was paid by the insurance company. If you believe you are the victim of a cyber-attack, it’s imperative you immediately call our insurance carrier. They will help facilitate IT support and any other actions that need to take place to help you recover. Call or e-mail NAS Insurance to file a claim if you suspect something has happened: NAS Insurance - Claims: 818-382-2030 or firstname.lastname@example.org
• The diocese has engaged San Diego Futures Foundation (SDFF), a locally based non-profit, to assist with the training of diocesan personnel on cyber threats including ways to easily protect our diocesan resources. We will have a number of training sessions at the Pastoral Center and throughout the diocese over the next few months.
• The Task Force will also create sub-committees to help evaluate preferred vendors for systems used at parishes and schools that hold sensitive data. Systems include parish census systems, student information systems, online-giving systems, etc. Recently, the diocese created a task force to help determine the best system to hold the accounting records. CathoNet was selected, which is one of the most reputable companies used to dioceses across the nation to hold their accounting records. Currently, we have over 120 locations operating on the new system and expect to convert the remaining locations sometime over the next month. The new CathoNet system helps maintain the data in the cloud with regular and robust backups available at all times to our locations.
• We plan to publish IT Guidelines that all locations will be recommended to put in place to minimize future cyber security threats.