How Local Governments Can Prevent Cyberattacks

The recent cyberattack on Atlanta, in which the municipal government’s computers and related services were held hostage by a ransomware attack, is a reminder that local governments are particularly vulnerable to these and other cyberthreats.

Local governments of all sizes and locations now own and operate a wide and growing array of internet-connected technology systems: employee-issued laptops, motion sensors on light poles and under pavement, mapping and informational systems inside police cars, online citizen-engagement tools and much more.

Most local governments in the United States don’t have a strong grasp of the policies and procedures they should implement to protect their technology systems from attacks. This is especially concerning because the threat of a cyberattack is the most important cybersecurity problem they face, according to a survey conducted by the organization I work for, the International City/County Management Association, and the University of Maryland, Baltimore County.

Forty-four percent of local governments report that they regularly face cyberattacks, on either an hourly or daily basis. More troubling is the high percentage of governments that do not know how often they are attacked (28 percent) or breached (41 percent). Further, a majority of local governments do not catalog or count attacks (54 percent).

This is not just an American problem. Last month, at a conference in Tel Aviv, Tamir Pardo, the former head of Mossad, Israel’s national intelligence agency, said that most local government leaders around the world do not fully understand how serious a threat cyberattacks are and have not imaginatively assessed the consequences of inaction. He described cyberthreats as “soft nuclear weapons” that one day may be used to start and finish a war without firing a shot.

Continue reading on