INSIGHTS > MODERN GOVERNANCE

The Big Shift to Remote Work: Lessons Learned by CIOs During COVID

Kira Ciccarelli
Tags:
Risk
Cybersecurity
Government

Cybersecurity Threats

The amount of data that municipalities deal with has grown exponentially. Conversely, because they are often operating on a shoestring budget, local governments rarely have dedicated cybersecurity experts; they rely on their IT team to ensure security. However, that IT department often does not have the investment it requires, so holes in their security leave them vulnerable to attacks. These attacks can range from viruses to hackers to phishing.

One of the most prevalent types of cyberattacks recently is ransomware attacks. Ransomware is a type of malicious software that gains access to files or systems and blocks user access to those files or systems. Then, all files, or even entire devices, are held hostage using encryption until the victim pays a ransom in exchange for a decryption key. The key allows the user to access the files or systems encrypted by the program. These attacks often begin with an email with links or attachments that seem benign but give the hacker access to that single system followed by the network. 

While it is relatively unsophisticated as cybercrimes go, these can shut down servers, expose data, paralyze 911 centers and interact with traffic management systems. “Smart cities” — that is, cities whose infrastructure relies on interconnected technologies — might be more affected, but many hacks have occurred in other municipalities as well. Again, without a dedicated IT staff and with a reliance on aging infrastructures, many cash-strapped municipalities are ripe for attack.

Mitigating Risk

In the area of cybersecurity, overall, it does not appear that public entities are doing enough to mitigate risks. Using email to either communicate or to prepare and transmit meeting materials is inviting unnecessary levels of risk. Elected board members are quite likely not aware of the risks or aware of their personal liability. Of breaches that come from inside the organization, 67% are not malicious but are from errors. 

Effective defense from cyberattacks ultimately depends on education and overriding the chance of human error whenever possible. Cloud-based software that is recognizable and reliable is one of the best ways to take the guesswork and human error out of the agenda creation process.

Media Highlight
Image on right with a paragraph to describe context. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Fusce eget mi tellus. Nullam interdum ac libero in cursus. Proin id ante in risus commodo malesuada vitae sed velit. Maecenas at sagittis mi. 

Recommendations

Nam facilisis elit urna, et rhoncus nibh elementum in. Morbi id convallis arcu, ac laoreet augue. Aliquam tellus dolor, fermentum quis imperdiet et, vestibulum sit amet diam. 

  • Utilize cloud-based software like iCompass for agenda creation & distribution of materials to the council
  • Everyone involved in agenda creation, delivery, or use needs to be updated with training on cybersecurity
  • Municipalities need to develop a plan for cybersecurity. If they already have one, it should be reviewed annually.
  • Cities need to adopt a digital security mindset, with contingency and disaster plans in place

Get started today with a free demo.
Contact us to learn more about how we can help your business 
excel in modern governance best practices.  
Nicholas J. Price
Content Marketing Manager at Diligent

Nicholas J. Price is the Content Marketing Manager at Diligent Corporation. With a career that has focused on digital marketing, Nick’s specialization is in content marketing and content creation. With experience running several content departments to create and write content for Fortune 500 companies, Nick’s dedication lies in growing business through actionable and insightful content to ensure value to both prospects and customers. Nick has worked in the board portal space for two years, which has enabled him to gain a better understanding of the needs of boardrooms and the type of content that resonates with board directors, general counsels and corporate secretaries.

Nicholas is an experienced Content Marketing Manager with a demonstrated history of working in the computer software industry. Skilled in Digital Strategy, Marketing Strategy, Demand Generation, Lead Generation, Sales, Market Research, and Content Development. With a strong media and communication background, Nick graduated Trinity College (Hartford, CT) with a Bachelor of Arts (B.A.) in English (Creative Writing focus) and he has Minors in Religion & Asian Studies.

Related Insights

The Era of Integrated GRC Strategy in 2021

WHITEPAPER

CIS Security Benchmarks and Compliance

Podcast

CIS Security Benchmarks and Compliance

Podcast