Warren County committee approves rewritten computer use policy, links it to IT shared-services and cyber insurance
January 31, 2026 | Warren County, New York
This article was created by AI summarizing key points discussed. AI makes mistakes, so for full details and context, please refer to the video of the full meeting. Please report any errors so we can fix them. Report an error »
The Warren County Personnel Committee approved an updated computer use policy recommended by the county’s Risk and Safety Committee that reorganizes governance, expands definitions and adds new sections addressing biometrics, social media, phishing prevention and cyber-liability standards.
A county legal adviser said the rewrite pulls industry best practices into one policy and incorporates exhibit language (exhibit F) for contracts involving computing data. He said the draft was developed with input from the county’s insurance broker and carriers and is intended to make the county’s practices enforceable and more consistent across departments. "The section on governance ... covers computer use management and administration, accessing the county's computer network data, and laying out clear lines of reporting for any cyber liability issues that arise," the adviser said.
Committee discussion focused on record-keeping and access logs, phishing testing and training, employee notification and the operational staffing needed to implement the policy. The committee heard that phishing-test summary reports are automated and provided to the board; IT staff said vendors are adjusting tests to avoid false positives so that corrective training can be targeted. The legal adviser emphasized that the policy will require more from the IT department and suggested the director bring forward staffing proposals to address security and programming needs.
The policy is explicitly tied to an IT shared-services initiative: municipalities that adopt the policy with minor changes would be eligible to join the county's shared-services platform and could participate in a group cyber-insurance program brokered by Gallagher to reduce premiums. A risk manager said the county will also schedule more regular, low-cost or free IT security training through its insurance partner.
The committee moved and voted to approve the policy as presented. Committee members asked for ongoing reporting and for IT staff to develop resource proposals to support the policy’s implementation.
A county legal adviser said the rewrite pulls industry best practices into one policy and incorporates exhibit language (exhibit F) for contracts involving computing data. He said the draft was developed with input from the county’s insurance broker and carriers and is intended to make the county’s practices enforceable and more consistent across departments. "The section on governance ... covers computer use management and administration, accessing the county's computer network data, and laying out clear lines of reporting for any cyber liability issues that arise," the adviser said.
Committee discussion focused on record-keeping and access logs, phishing testing and training, employee notification and the operational staffing needed to implement the policy. The committee heard that phishing-test summary reports are automated and provided to the board; IT staff said vendors are adjusting tests to avoid false positives so that corrective training can be targeted. The legal adviser emphasized that the policy will require more from the IT department and suggested the director bring forward staffing proposals to address security and programming needs.
The policy is explicitly tied to an IT shared-services initiative: municipalities that adopt the policy with minor changes would be eligible to join the county's shared-services platform and could participate in a group cyber-insurance program brokered by Gallagher to reduce premiums. A risk manager said the county will also schedule more regular, low-cost or free IT security training through its insurance partner.
The committee moved and voted to approve the policy as presented. Committee members asked for ongoing reporting and for IT staff to develop resource proposals to support the policy’s implementation.
Don't Miss a Word: See the Full Meeting!
Go beyond summaries. Unlock every video, transcript, and key insight with a Founder Membership.
✓
Get instant access to full meeting videos
✓
Search and clip any phrase from complete transcripts
✓
Receive AI-powered summaries & custom alerts
✓
Enjoy lifetime, unrestricted access to government data
30-day money-back guarantee
