The summer of 2019 continued to be devastating to local governments under siege from hackers and malware. The Texas Department of Information Resources is investigating over 20 attacks on mostly rural Texas towns. Further, this trend does not appear to slow down. Attacks on municipalities have more than doubled in 2019. There is no discrimination in the size of cities dealing with breaches. Baltimore suffered an attack late spring that crippled the entire town. Further, two cities in Florida aid over $1M to have their data unlocked. Mayors of large cities, such as Atlanta Mayor Keisha Bottoms, are pushing for the federal government to step in and help. According to a CNBC article on June 27th, 2019 Bottoms said, “The federal government should … expand programs that share real-time threat information, which is often critical in avoiding and mitigating threats. We should also have federal programs in place to provide cybersecurity disaster-relief funding. This will help offset recovery costs borne locally.”
What can these cities do to protect themselves? First, recognizing the problem is real is the crucial first step. Second, ensuring insurance policies are reviewed to ensure cyber threats are covered is essential. Understanding the risk appetite of the municipality, where vital records are stored (electronic and physical), how quickly data can be restored to a usable state, testing the effectiveness of backups, assessing vendor capabilities, having backup processes, ensuring the IT support system has the funding necessary to respond to an attack, and having an actual plan are all critically important.
Gone are the days of the “wait and see” mentality related to cyber threats to municipalities.
The CIO of the Mat-Su area in Alaska, Eric Wyatt, repeatedly asked for additional funding for his inadequate IT budget to improve security. It was only after an attack that he saw his budget skyrocket. Why wait for a debilitating cyber-attack to invest in cybersecurity? It makes much more sense to spend tax dollars in local technology infrastructures than paying a significant ransom to a likely overseas attacker.