Cybersecurity Challenges Facing Local and State Governments
Local governments may face higher rates of encryption during ransomware attacks due to a lack of financial and cybersecurity resources. Constrained budgets and small teams pressure organizations to divert funds away from cybersecurity, leaving gaps in their platform protection. Conversely, central governments have a lower encryption rate, as they have more funding, trained IT staff and access to security operations centers.
An additional challenge facing local government is the rate at which it pays to recover data. Researchers found that 42 percent of local governments had paid ransoms to get their data back, right behind energy and oil and gas utilities at 43 percent. By comparison, only 26 percent of central governments and nondepartmental public bodies paid ransoms.
How Can State and Local Governments Mitigate Risk?
Given the increased ransomware risk state and local governments are facing, the report outlined several best practices to mitigate risk:
- Assume you will be hit: No sector is immune from these attacks.
- Make backups: Paying a ransom does not ensure data recovery. Make three copies of data, use two different backup systems and store at least one copy offline and offsite when possible.
- Deploy layered protection: Block threat actors by securing multiple points across your environment.
- Combine human experts and anti-ransomware technology: Dedicated anti-ransomware technology provides scalability and automation, and human-led threat hunting brings wisdom and experience detecting threat patterns. It’s a powerful combination.
- Don’t pay the ransom: Paying a ransom creates vulnerability and doesn’t ensure files will be retrieved.
- Have a malware recovery plan: A proactive cybersecurity approach, including an incident response plan, is the best way to stop a cyberattack from turning into a full-scale breach.
Ransomware attacks may be unavoidable, but a strong security posture can greatly help organizations recover when an attack occurs.