For Local Governments, Every Month Is Cybersecurity Awareness Month
As we wrap up another October of cybersecurity-related content, it should be noted that for many government IT leaders every month feels like Cybersecurity Awareness Month—and has for the last decade at least.
The past 12 months have been particularly challenging, given that ransomware attacks doubled against public institutions, cyber insurance premiums have risen dramatically while coverage limits have been severely cut, and we witnessed something almost unthinkable when even local governments were impacted through supply-chain attacks most exemplified from Kaseya customers. This is where cybercriminals find a way to penetrate a cyber services company and surreptitiously gain access to all its customers most trusted addresses.
Further complicating the situation is the increasing demand for experienced cyber tech employees—local governments are having an especially difficult time attracting such talent. Surprisingly, it appears that money is no longer the largest stumbling block, as has been reported in the recent past. Today, cybersecurity candidates are increasingly seeking quality of life factors that include working from anywhere, working non-standard hours, and requiring more health and wellness benefits. Senior tech staff have expressed their frustration from what many are referring to as “pandemic burnout: and are simply retiring or moving to completely different jobs and professions.”
All of this serves as the backdrop to CompTIA’s Public Technology Institute’s (PTI) 2021 National Survey of Local Government Cybersecurity and Cloud Initiatives. The purpose of the survey was to provide a snapshot of cybersecurity programs, issues and priorities in cities and counties. The survey looked at budgeting, policies and procedures, access management, cyber insurance, leadership support, and more.
The findings confirm that a wide variety of management and policy issues are impacting the cybersecurity posture for many local governments:
- Engaging leadership on cybersecurity remains a vexing issue for many IT organizations
- Despite a budgeting uptick for cybersecurity programming, thanks to federal stimulus support, a majority of IT executives feel cyber funding is still inadequate
- Cyber insurance rates are rising (and coverage limits are declining)
- The number of organizations that have implemented policies to better manage mobile devices have increased from last year
- IT executives feel a high level of satisfaction when it comes to security protocols implemented by their network service providers
The past 20 months have been a particularly trying time for the local government community: Add to the health and societal impact of the pandemic on our communities and organizations, city and county IT had to quickly ramp up and provide government services via a vastly expanded remote work environment – for the most part, implemented effectively and securely.