As cyber threats become more sophisticated, local governments and public entities face increased risk, especially from ransomware attacks.
According to the FBI, government facilities are the third most targeted critical infrastructure sector for ransomware attacks. Underinvestment in cybersecurity, reliance on outdated software, and lack of secure .gov domains are all common vulnerabilities identified by information technology experts.
To reduce exposure to these growing risks, experts recommend moving toward a “Zero Trust Architecture” that continuously verifies each user and device accessing networks. Additionally, it is crucial to avoid common pitfalls such as neglecting software updates or downloading apps from untrusted sources.
Using strong passwords, enabling multifactor authentication, and promptly reporting phishing attempts are all essential practices to help guard against threats.
Lin Chabra, MIIA’s senior manager of risk management, emphasizes that it’s crucial to invest in modern cybersecurity tools and infrastructure.
“Beneficial investments include updating legacy equipment to ensure it receives security patches, implementing multifactor authentication, and storing critical data in the cloud to limit on-site vulnerabilities,” she said.
Public safety departments should also adopt a computer-aided dispatch and records management system to help isolate these records from other municipal data, she added.
By adopting these cybersecurity practices and implementing preventive measures, municipalities can significantly reduce the likelihood of costly cyber incidents.
MIIA members can apply for annual risk management grants to support cybersecurity investments, as well as other loss control initiatives.
For questions about tools and resources to strengthen local cybersecurity, local leaders are advised to reach out to their municipal insurance representative. The MassCyberCenter also provides a range of resources for municipalities, including workforce training and grant initiatives.