Because an estimated 15% of critical infrastructure and its key assets are owned and operated by local governments, the lasting effects of a cyberattack could be crippling and possibly lead to the disruption of essential services to state residents. More than ever before, state and local governments need to be both cyber secure and cyber resilient to promptly carry on with crucial operations following a cyber incident. The key to combating against such disruptions is by understanding potential threats, safeguarding data and having plans in place to recover from potential attacks.
State and Local Agencies Often Lack Security Resources
Maintaining robust cybersecurity and resiliency plans must be a continuous effort, as cyber attackers have become more persistent. However, IT leaders often must manage all these needs while lacking funds and facing talent. In fact, according to a recent survey, nearly two-thirds of state and local IT officials surveyed believe their budgets are inadequate to support their programs. Additionally, hiring new talent to join the government’s workforce is an ongoing challenge, with IT roles in state and local governments proving hard to fill.
Having solutions in place sooner rather than later is becoming increasingly more important, as the cost of these potential attacks is only expected to grow. As detailed in IBM’s 2024 Cost of a Data Breach Report, the average cost of a data breach in the public sector globally is $2.55 million per event. Research for the report also found that it takes 209 days for public sector organizations to identify a cyberthreat –– and 83 days in average to contain an event – two weeks longer than the global average. For state and local governments facing cyberthreats daily, having to potentially spend millions of dollars and invest time to contain a cyber breach means further straining their already limited IT budgets and stretching thin their IT personnel.
209
The average number of days it takes for public sector organizations to identify a cyberthreat
Source: IBM, “Cost of a Data Breach Report 2024,” July 2024
All of these statistics demonstrate the severity of this issue and how cybercriminals could have a lasting impact on our infrastructure. Because these attackers can go unnoticed for a long time, they can work their way into environments and take control, possibly resulting in the disruption of major services that are vital to how many communities work. Governmental, healthcare and communications services can be rendered useless in the hands of these criminals. And these attacks may not be limited to just a single location but could potentially spread out to multiple entities for days, which could impact the lives of millions.
RELATED: A three-tier backup system is helping one county achieve cyber resilience.
Cyber Resilience Is Key to Successful Mitigation of an Attack
The ability to promptly recover from cyber incidents is just as important as preventing attacks. Proper cyber resiliency helps promote business continuity, such as resuming the delivery of essential services to residents despite cyber events that may arise. Proper security measures and resiliency proficiency impact how well governments can continue operations with little to no downtime or disruption.
Finding solutions that can prepare for, withstand and recover from attacks on resources is the next step toward ensuring a more robust environment.
Here’s what an effective solution should include:
- Trusted copies of data that are separate from your main system
- Ability to recovery from catastrophic cyberattacks to increase availability in services
- Automated and scheduled backup services that are regularly tested for validity
- A plan for IT personnel to restore critical services in a corrupted data scenario
Agencies Can Stay One Step Ahead of Attackers
As we’re moving toward open, hybrid cloud environments, residents can feel confident that practices are being put in place by governments to provide visibility, protection and resiliency.
We can all help prevent these cyberattacks by staying one step ahead of them. Here’s how:
- Be suspicious of any contact you receive that's abnormal, whether it appears to be internal or external.
- If you’re unsure whether a message or email is valid, reach out to the sender to confirm whether they sent the message.
- Always be wary of clicking on URLs or downloading attachments from external sources.
- Report suspicious incidents promptly to minimize damage.
- Leverage new technologies such as generative artificial intelligence to support existing cybersecurity programs, helping proactively identify potential threats and reduce time in containing these.
While state and local government leaders continue to work to secure their data and lay a foundation for a trusted environment, they should also implement a solution that can protect citizen data and allow for quick recovery.
There may not be a 100% perfect solution right now, but that doesn’t mean we can’t get started. Stay vigilant so we can keep critical services working for millions of people.
