At the MACo Summer Conference, state, local, and federal leaders came together for a candid discussion on the realities of cyber threats facing county governments.
The Summer Conference session, The Cyberattack “Hot Wash” – Lessons Learned After Things Went Wrong, examined firsthand experiences with cyber incidents and practical strategies for prevention, response, and recovery.
State Delegate Vaughn Stewart moderated the panel, guiding an engaging conversation on navigating cyberattacks, protecting critical systems, and ensuring continuity of public services when things go wrong.
Panel speakers included:
- Christine Anderson, Chief Administrative Officer, Anne Arundel County
- Robert Kelly, Chief Information Officer, St. Mary’s County
- Steven Burke, Local Cyber Manager, Maryland Department of Information Technology
- John Garstka, Director, Cyber Warfare, Office of the Under Secretary of Defense
Christine Anderson opened with lessons drawn from a recent cyber incident in Anne Arundel County. She emphasized the importance of clear and consistent communication, close coordination with legal counsel and technical advisors, and avoiding speculation until facts are confirmed. Anderson also highlighted strict adherence to Maryland Public Information Act (MPIA) rules, underscoring the need to balance transparency with security during response.
Robert Kelly recalled St. Mary’s County’s 2016 Thanksgiving weekend cyberattack, when hackers attempted to cripple more than 100 servers in a coordinated global strike. Kelly detailed how his IT team — through rapid response, long hours, and no small amount of luck — managed to thwart the attack without paying ransom. His story illustrated both the vulnerabilities counties face and the critical role of teamwork in crisis response.
Steven Burke provided the DoIT perspective, outlining Maryland’s efforts to bolster local cyber resilience. He described resources available to counties, including technical assistance, training, and coordinated state support for cyber incident response. Burke emphasized that local governments are often targeted because of limited staff and budgets, making collaboration essential.
John Garstka brought the federal lens, connecting local challenges to national security priorities. He explained how lessons from defense cyber warfare translate to civilian infrastructure, stressing the importance of building resilient systems and preparing for recovery, not just prevention.
The panel emphasized that cyberattacks on local governments are inevitable. Counties must focus on preparation, strengthen partnerships, and apply lessons from past incidents to keep essential services secure and maintain public trust.
The session took place on Wednesday, August 13, 2025, at the Roland Powell Convention Center in Ocean City, Maryland.
More About MACo’s Summer Conference:
