Posted on August 19, 2019 by Tony Martinez
The news articles are coming in on an almost daily basis… 2019 is set to be a record year for cyber breaches… Municipalities across the country, and the public sector in general, are suffering large scale cyber-attacks resulting in massive disruption to city operations, millions of dollars in losses, and the personal data of millions of citizens being compromised.
The latest case in Texas, where more than 23 (at a minimum) cities were victims of a coordinated ransomware attack, or the devastating spear phishing attack in Naples, Fl. are just two recent examples affecting local government when it comes to cyber. New York, Tennessee and Georgia have also been targeted in a bid to raise ransom money from state boards.
While we are seeing a surge in local government investments in cyber security, there is still a long way to go. This is a discipline that is still relatively immature within agencies large and small (as well as in the private sector). Information Technology (IT) and Information Security leaders are still struggling to effectively implement long-term, holistic strategies and tactical solutions to make cyber security a core competency across their environments.
It’s an uphill battle in this space. IT leaders are often under-resourced, and while cyber security investments are slowly becoming a primary topic as it relates to budget formulation, it’s still considered an afterthought with an assumption that the IT department “has it covered”.
Redefining What Security Means
If we can get one point across, it would be for local government executives to re-engage your IT and Security leaders (many currently don’t have dedicated security leaders) and re-define what cyber security means to your municipality or agency. Take the time to empower your team and work on a holistic cyber strategy that identifies and addresses existing risks or vulnerabilities, and allows for a scalable and sustainable maturity program to continue to harden your information systems environment.
Key areas to look out for include:
- Risk Assessment and Penetration Testing: Have you had a security risk assessment and penetration test performed by a qualified third party in the last year? This is the only way to understand and identify your current risks, vulnerabilities, and overall exposure.
- Cyber Strategy and Road Map: Using the results of your assessment, is there a prioritized list of security initiatives to harden your information system environment and does it include tactical guidance on how to implement the needed remediation initiatives?
- Security Controls Implementation: Following your strategy, do you have the resources to implement, and manage, technical, operational, and managerial controls found in industry best practices such as the NIST Cyber Security Framework?
- Culture of Cyber Security: Do you have updated policies and procedures that govern the way data is managed and information systems are maintained? Do you have policies that outline how every employee should managed data in their everyday duties? Do you actively train employees on identifying phishing emails, minimizing the chances of ransomware or creating an attack vector for a cyber incident?
Unfortunately, the quest to protecting local government IT environments, and every other IT environment for that manner, will never end. The bad guys are getting smarter, they have resources, and they only need to be right once to do some damage. According to an article in Cyber Security Reviews, ransomware detections rocketed by 365% year-on-year in the second quarter of 2019, according to Malwarebytes. They say virtually all its detections were related to attacks on businesses, as hackers focus on more lucrative targets.
Economical, Fast Solutions are Key
As the cyber security industry evolves there is a larger selection of solutions that help small and medium-sized public sector entities define, build, and maintain sustainable and scalable cyber security programs. Our cyber security experts recommend starting with strategy and using long-term managed solutions to help save money while increasing capabilities.
Advanced threat detection tools, continuous network monitoring, or tools to minimize the chances of getting hit by ransomware are no longer solutions that only agencies with deep pockets can afford. With the right mix, a small municipality can drastically harden its security posture without having to break the bank.
For example, our team can provide networking monitoring to 100 IP addresses for less than $15,000 a year.
Not a bad place to start. Also, we can perform a compliance performance assessment and from the report, offer several options to harden your overall security posture.
Solutions Package 1: Coaching
Training and coaching is an important component to overcoming security risks. We can help your organization raise cyber threat awareness through training and policies. To further safeguard against risk, we also provide best practices, state-of-the-art tools, and methodologies to your in-house information technology staff.
Solutions Package 2: Implementing Recommendations
We can apply the suggested corrective actions based on “ease of fix” rating or “estimated work effort” rating, all customizable to the client.
Solutions Package 3: Continuous Monitoring
We can implement a formal continuous monitoring policy and procedure to be conducted on a regular basis. We will address any threats in real-time.