From viruses, bugs, and worms to eavesdropping, spoofing, phishing, clickjacking, and social engineering, our digital systems are at risk each and every day. And while attacks just keep on coming, they also raise a few questions. How prepared are local governments? Could your organization handle a cyber crisis? Does your organization have what it takes to protect its computer systems and the community?
The ICMA cybersecurity "must reads" listed here address various ways local governments can be better prepared for a cyber attack, including best practices for training staff and tips for protecting the community.
While cybersecurity is addressing the need for computer security, most local governments still don't have a solid understanding of what policies and procedures they should follow to protect their computer systems from future attacks. That's why ICMA has partnered with Microsoft to develop a new report on cybersecurity to ensure that local leaders are aware of what it takes to protect their computer systems and what current and future leading practices might look like.
Local governments do not have the money to launch such a robust defensive strategy. Sluggish bureaucracy and tight budgets slow upgrades and limit hardware and staff expansion (Bobritsky). However, counties and towns are not thereby helpless in the face of this formidable threat. Experts recommend a number of steps that any local government can implement to ward off cyberattackers.
Local governments need to identify new crimefighters to help protect all local governments' digital assets. From network security training for all employees to routinely backing up all data to purchasing network liability insurance, our new crimefighters will need access to both human talent and digital resources to combat these attacks.
Almost every local government in the United States has a community emergency response team. These programs help educate volunteers in such disaster response skills as fire safety, search and rescue, and basic first aid and were created to respond to physical and natural disasters in which, despite the best preparation, an emergency situation requires a quick and efficient response.
While a security breach might be one of the last things on your mind, the 2016 Travelers Risk Index report shows that it’s a top concern for customers and contractors. “Personal Privacy Loss and Identity Theft” went from barely ranking on its survey a few years ago to being No. 2, right behind “Financial Security.” The expectation of cybersecurity has to be met with the same fervor and drive that you strive to meet all your other customer and resident expectations.
There are several opportunities for strengthening your community’s cyber preparedness. This article highlights five of those opportunities: ensuring continuity of operations during a cyber incident; developing a citywide cyber incident response and recovery plan; planning for data recovery and restoration; ensuring delivery of prompt, reliable public information; and engaging with private sector partners.
In this Q&A, ICMA sat down with Battle Creek's City Manager Rebecca Fleury and IT Director Charles Norton to discuss cybersecurity awareness training strategies effectively placed within their organization, as well as best practices that other local government leaders can apply to create and to maintain a culture of cybersecurity.
As the nation experiences more and more cyberattacks, it's more important than ever that local leaders create and maintain cultures of cybersecurity within their local governments. The key component of this is to ensure all end users receive appropriate cybersecurity training (not once but regularly) and must be held strictly accountable for their actions. You might be asking, what should I be looking for and what are the elements of a sound cybersecurity awareness plan/program? Here's a list to consider.
Smart cities and counties, connected devices, digitized records, as well as smart cars and homes have become a new reality. This cyber checklist is designed to remind residents and government officials that their sensitive, personal information is the fuel that makes smart devices work. While there are tremendous benefits to using these devices, it is critical to understand how to use these cutting-edge innovations in safe and secure ways.
Before you find your own jurisdiction’s security breach in the headlines, consider how a strategic approach can (1) help break down into manageable pieces what may feel like daunting tasks, and (2) protect a public organization, its employees, and the public it serves.
To find out more about this topic check out the cybersecurity topic page.