Working Together Can Mount a Stronger Defense
At the JSOC’s opening, New York Gov. Kathy Hochul cited the increasingly volatile geopolitical circumstances surrounding Russia and Ukraine as one of the catalysts for the collaboration among New York’s city, state and local governments — which she said would include trainings, tabletop exercises and other educational opportunities for regional, state and municipal leaders.
The new center will also help officials monitor potential threats in real time by centralizing telemetry data, according to a press release from New York City Mayor Eric Adams’ office.
In addition to the new facility, Hochul has proposed a $62 million 2023 fiscal year cybersecurity budget for the state, which would include a $30 million shared services program designed to help local governments implement cybersecurity services to increase their level of defense.
RELATED: State and local agencies lack incident response plans.
Other states have also announced they’re working with local government entities to enhance tech attack precautions and response.
Iowa, for instance — which currently provides services ranging from security monitoring to malware detection in some form to its 99 counties — recently said it will relaunch its cybersecurity operations center to provide round-the-clock cyber monitoring services and increased threat visibility for local governments within the state.
This year, Massachusetts also expanded the municipal cybersecurity program it introduced in 2019, which funds training for municipality and public school employees through grants. The updated cybersecurity prevention training the state is providing now includes cyberattack simulations.
Combined Actions Should Streamline and Strengthen Reach
In recent years, a number of cities and counties have experienced cyberattacks — 204 in the past 24 months alone, according to one estimate.
While some — such as Baltimore, which fell victim to ransomware in 2019 and had a 911 system breach in 2018 — may seem like obvious targets due to their size, hackers are also seeking out smaller areas. In Collierville, for instance, a 50,000-person town in Tennessee, municipal services such as the public library had to operate offline for several days after a 2019 ransomware attack.
In cyber incidents, a speedy response is crucial to reduce the potential damage.
DIVE DEEPER: How governments can improve cybersecurity tools and incident response efforts.
Due to manpower and budgetary constraints, smaller local governments may not be able to fully staff dedicated response teams or implement all available defense technologies and techniques, which can make them easier and more attractive attack targets.
Funding from 2021’s Infrastructure Investment and Jobs Act, which allotted $1 billion for cybersecurity-related state and local government tech improvements over the next few years, may eventually help local and other government organizations enhance their overall security capabilities.
As of today, though, 58 percent of local government IT executives say their organization’s budgets can’t adequately support security and cloud initiatives.
How Proper Incident Response Can Protect Governments
Collective cybersecurity efforts can provide assistance and resources to help fill in local government coverage gaps — offering a centralized repository of emerging cyberthreat updates from sources such as software manufacturers, for example, which can be time-consuming for smaller government agencies to compile on their own.
Statewide cybersecurity programs can also supply recommended protocols and procedures — a standard but critical component in law enforcement and many other public sector operations — which can position agencies to deal with cybersecurity threats swiftly and effectively.
EXPLORE: Election security and infrastructure solutions to combat increasing threats.
Identifying a cybersecurity point of contact within a local agency, and having that individual pursue training to be able to accurately understand and convey pertinent information, can help expedite communication during cyber incidents.
Governments should be aware, however, that even with clearly outlined response steps and contacts, interconnected networks and IT programs pose a risk for attacks to quickly spread to other government bodies.
In case one or more of the entities a government agency might rely on for assistance is also shut down by a cyberattack, state and local leaders may want to consider building redundancies into their defense and response plans. This will help prevent agencies from spending additional time tracking down an alternative option to help investigate, safeguard and restore operations.
This article is part of StateTech’s CITizen blog series. Please join the discussion on Twitter by using the #StateLocalIT hashtag.