Computer systems represent critical infrastructure for all local governments. When a computer system goes down, it's difficult for staff to get work done. Recreating data stolen or lost in a cyber attack is time-consuming and labor intensive. With stories about cybersecurity attacks, security breaches, and information leaks popping up in the news on nearly a daily basis, local government managers have good reason to fear possible attacks to their computer systems and the havoc the attacks could cause.
All organizations—big and small—are vulnerable to attacks. Instituting cybersecurity programs and procedures is a bit like buying insurance from a risk management standpoint: You hope you never encounter attacks or breaches but you want to be prepared if you do. The challenge is to stay ahead of technology that continually morphs into new threats. At the same time, managers cannot be concerned only about the most recent attack or threat. They must look at the big picture to determine what it takes to always be operating in a secure environment.
Consideration needs to be given to how managers can respond to keep systems safe while not breaking their budgets; how local governments can retain qualified IT staff when private sector salaries are significantly higher; and for small community managers who also wear the hat of chief information officer (CIO), how they can stay abreast of trends and choose the most practical option.
Read the rest of the story on CREDO Cybersecurity: Current Writings on Threats and Protection (login with your COM account for off campus access).