The data stored in government systems is understandably attractive to potential attackers. “If you think long-range, state and local governments offer a wealth of information about citizen activity,” notes Chris Kennedy, CISO of cybersecurity firm AttackIQ, in this CSO article. “You can imagine how cyber criminals would want to take advantage of that collection of information for identity theft and things like that.”
Indeed, cyberattacks including ransomware are growing in the public sector. “More than 20 local municipalities, cities, counties, and state governments have been hit this year that we know of,” Information Security Consultant Ron Bush noted in this GovTech article. “Ransomware attacks have been growing. From a hacker’s perspective, there’s very little risk.”
According to Forbes.com, “Deliberate information technology disruption is considered a top risk to all organizations both in terms of likelihood and potential impact.”
For many government organizations, paying ransom can create budget crises that directly impact service delivery. On the other hand, spending to prevent attacks also impacts budgets. And it’s not uncommon for voters to place higher priority on public-facing services and preserving lower taxes.
In-House vs. Outsourcing
This context of scarce resources and competing constituency priorities can compel leaders to dig in-house and see what can be done with the internal resources on hand. On matters of cybersecurity, however, the increasing complexities and rapid evolution of technology may mean that the most effective tools and knowledgeable staff to fight cyberattacks simply aren’t there.
Recent articles in GovTech and CompTIA have made interesting cases for why local governments might be better off outsourcing some or all of their IT operations, including cybersecurity. In GovTech’s interview with Teri Takai, the executive director of the Center for Digital Government and former CIO of the U.S. Department of Defense, Takai points out some pain points for local governments struggling to keep up with cyberthreats:
- Lack of resources
- Aging technology
- New technology that doesn’t integrate with existing systems
- Lack of size and scale to appropriately meet evolving challenges
- Lack of executive understanding and appropriate funding/support
As Takai noted, “There is no ‘one-time spend’ that makes a jurisdiction 100% secure.” Neither can a jurisdiction really go it alone.
Successful emerging models of cyberthreat management involve collaborations, partnerships, and economies of scale. This can be a tough sell, as sharing resources can feel an awful lot like losing control. It can be uncomfortable and unpopular.
Partnership and MDR Options
Opportunities exist between federal, state, and local governments, as well as between traditionally siloed departments such as IT and public safety, to join forces and share technology and expertise. Particularly in tech infrastructure and threat monitoring and detection, jurisdictions can connect with a shared technology partner.
Utilizing a managed threat detection and response (MDR) service is another avenue to economically detect malicious behavior and safeguard data. It allows organizations to benefit from cybersecurity domain expertise without the need to invest in training, development, or headcount.
Culture is Key
Another important action is to cultivate an organization-wide cybersecurity culture, one in which every department is involved in the ongoing effort. Creating this culture means developing cybersecurity awareness throughout your entire organization, which will lead to organizational practices that support the secure execution of your business strategy.
As Takai noted, “The ability of smaller organizations to address the threats without collaboration, shared resources, and support of the technology partners is a thing of the past.”
All of us with tight budgets should consider partnerships, resource sharing, and managed threat detection options to stay ahead of cyberthreats and avoid potentially devastating loss.
Meredith Trimble is a GovLoop Featured Contributor. She is a former municipal official and Town Council Acting Chair, who focused on strategic planning, annual budgeting, and bonded infrastructure projects. Her government experience also includes posts in both federal and state-level executive branch agencies: Associate Editor of the U.S. Federal Election Commission’s FEC Record; and Director of Education for the CT Office of State Ethics. In her current role as a Senior Content Specialist with Tyler Technologies, Inc., she writes content to help empower those who serve the public. Her current focus is to help facilitate data-enabled organizations as well as to create connections between governments and those they serve. You can read her posts here.
Great insights! Especially – As Takai noted, “The ability of smaller organizations to address the threats without collaboration, shared resources, and support of the technology partners is a thing of the past.”