Municipalities and Cybersecurity: How to Protect Against Cyberattacks
On March 30, Kathy Sheehan, mayor of Albany, NY, announced via social media that the City of Albany experienced a ransomware cybersecurity attack. Local news outlets say that the investigation is still in its early stages, so details about the full extent of the attack remain unknown. Most city services have resumed. News of this local hack has prompted us to delve deeper into the topic of municipalities and cybersecurity.
You may remember that at the beginning of this year, Beazley reported an increase in ransomware attacks on businesses in 2018. (We discussed this more in depth in a previous blog post.) Ransomware is a well-known type of malicious software. It restricts access to an infected machine, typically by encrypting files on the hard drive, and then demands payment of a ransom in exchange for the key to decrypt the data. Payment is usually demanded via credit card or cryptocurrency.
Municipalities and governments are coming under fire from hackers. In March 2018, Atlanta’s municipal government fell victim to one of the largest ransomware attacks ever against a major American city, as reported in the New York Times. In 2016, a survey from the International City/County Management Association (ICMA) found that ransomware was the most common cyberattack against all city or county governments. However, the survey also found that less than half of local governments had developed a formal cybersecurity policy.
Public entities often lack funds needed to respond (and recover) from a cybersecurity attack. Local and state governments are usually more vulnerable to cybersecurity attacks because resources are thin. Computers often run on outdated platforms. Services and information are supposed to be made available to the public, but a lot of this information is offered on unsecured websites. And of course, there’s a lack of general awareness around cyber security risks.
With all of these obstacles in mind, where do municipalities and governments go from here? It’s a great idea to connect with professionals in the insurance and risk management space. We can help anticipate, understand and manage risk, and also help connect you to regional, national and specialty global insurers that can offer products that can help protect your data.
Rose & Kiernan, Inc. works with many industries on custom-craft innovative, cost-effective risk management and risk financing solutions, including government entities and the public sector. For more information on Rose & Kiernan’s cybersecurity risk management, please contact us at firstname.lastname@example.org. Click here to learn more about cybersecurity insurance.