• Skip to main content
  • Skip to footer

Commonwealth Sentinel Cyber Security Consulting

Cyber Security for local government, non-profits and small business

MENUMENU
  • Home
  • About Us
    • Sheri Donahue
    • Leo Haggerty
    • Careers
  • Services
    • Vulnerability and Threat Evaluation
    • Transformation Management
    • CISO Management Services
    • Incident Response Management
  • News
  • Blog
  • FAQs
  • Newsletter
  • Shop
  • Contact Us

commonsent / April 7, 2022

Half of All Local Governments May Be Attacked Daily

60% of all small businesses that are hit by a cyber attack will go out of business within six months. If that happens, the people that work there will lose their jobs, and the owners will lose money. The employees can find other jobs, and the owners can regroup and start another business.

However, when we talk about the impact on local governments, it’s quite different. A government cannot just close its doors and start again. Elected leaders may not be re-elected, and county employees may be laid off. But the citizens of the county cannot just find their services elsewhere. They cannot just find another fire department, sheriff’s office, courthouse, or jail. They cannot find a new library, park, emergency management agency, sewer company, health department, road maintenance, or public assistance.

The impact of a cyber attack on a local government affects everyone whom that government organization serves. An attack on a local government undermines confidence in local leaders and creates inconvenience, and it can also put private citizens in danger.

We may wonder why a cyber attacker might want to do something appalling to hurt innocent victims. Without getting into the psychology of the criminal mind, this is exactly why they would attack a government organization. The impact is harmful, and the government will do whatever it takes to return services to its citizens. This is why a cyber attacker may hold your personal computer for ransom. It’s not that they care about your information. It’s that YOU care about your information and being able to continue to work, communicate, etc. Because it is of value to you, you will be willing to pay the ransom.

Added to this is the threat from nation-states such as Russia and China. Their motivation may not be monetary but disruption of society at the local level. We clearly see that Russia is not afraid to attack private citizens!

Because they cannot simply “go out of business,” and because they provide for society, government organizations are a prime target for a cyber attack.

In addition to government organizations being a prime target, they are also not prepared.

One primary issue – in addition to organizations’ perception that “it won’t happen to us” – is budgeting. Government is not a ‘for-profit’ entity like a private business. Their funds come from taxpayers, and they must use that money to provide services to their communities. Leaders want their constituents to see that their tax dollars are used for roads, emergency management, public safety, and other civil services.

Using public funds for things like cyber security, while it protects the operations and data critical to the community, is not something that can easily be celebrated in the next election cycle. However, a successful cyber attack will be used by an opponent in the next election to demonstrate that the incumbent is not protecting the community.

The combination of the government being a prime target of cyber criminals and leaders being hesitant to spend public funds on cyber security (i.e., are not adequately defending their systems) leads to the perfect storm.

In a University of Maryland study of more than 90,000 local government entities, one-third of local governments would not even know if they were under a cyber attack. They don’t have the tools. However, of those who do have the technology to know if they are under attack, one-third of those reported being attacked hourly, and half are attacked daily. So what does that say for those who don’t have the technology? Their systems are the wild wild west!

In addition to the technology they lack, most governments either have IT policies and procedures that are not up to industry standards or have no formal procedures.

In addition to technology and policies/procedures, the third leg of the cyber security stool is security awareness and training of employees. This is critical in making all users of the IT system part of the security team since one click on a malicious link can inadvertently invite a bad actor into your network.
If local governments implement basic cyber hygiene and technical tools, update policies and procedures, and train their employees, they can greatly reduce their risk of a successful attack. Studies indicate that organizations implementing a layered cyber security solution can decrease their threat by 90%. That sounds like a pretty good return on your investment.

Filed Under: Blog, News

Footer

CONTACT US

COMMONWEALTH SENTINEL

1230 US Highway 127 S
Suite #5
Frankfort KY 40601
(502) 320-9885

EMAIL US

ABOUT US

Cyber security consulting for local governments, non-profit organizations, and small businesses facing the threats of the cyber world.  At Commonwealth Sentinel, we are passionate about helping people be cyber-safe!

FOLLOW US

  • Email
  • Facebook
  • LinkedIn
  • Phone
  • Twitter
  • YouTube

Copyright © 2022 Commonwealth Sentinel

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT