• Skip to main content
  • Skip to footer

Commonwealth Sentinel

Cyber Security for local government, non-profits and small business

MENUMENU
  • Home
  • About Us
    • Sheri Donahue
    • Leo Haggerty
    • Careers
  • Services
    • Vulnerability and Threat Evaluation
    • Transformation Management
    • CISO Management Services
    • Incident Response Management
  • News
  • Blog
  • FAQs
  • Newsletter
  • Shop
  • Contact Us

commonsent / June 23, 2021

Observations from the Kentucky Judge Executives and Magistrates Summer Conference

Last week the Commonwealth Sentinel team took part in our first in-person event since the start of the COVID Pandemic. The 35th Annual KCJEA/KMCA Joint Conference took place June 15-17, at the Griffin Gate Marriott in Lexington.

It was nice to see people out, and we got to have some great conversations about cyber security in the counties.

Two things were very clear from these discussions. First, the elected officials we talked to understand that they need to do more to protect their counties from cyber attacks. Second, there are many misconceptions about cyber security and what a county can do improve their cyber defenses.

In recent years, large companies have invested billions in their cyber defenses. This increase in cyber posture has forced cyber criminals to get more creative. They have been attacking vendors to get into organizations large and small. Like the recent Microsoft Outlook attacks that affected organizations as large as NASA and thousands of small cities and counties worldwide.

It’s actually less work to get $85,000 from ten small organizations without strong cyber security than attacking a big organization with hopes of getting $850,000.

Cyber criminals have also been going after smaller targets who have fewer resources to defend against these attacks. A recent FBI report states that 70% of all cyber attacks were against small organizations and that the average ransom paid was $85,000 in 2020.

That doesn’t even take into account the cost of recovery from the attack. For example, following a recent cyber attack, one Kentucky city had to buy 65 new computers in addition to paying the ransom.

The same FBI report states that 60% of small organizations hit by a cyber attack close their doors within six months of the attack. Going out of business isn’t an option for a county government, city, or utility district.

So, with the greater risk and the stakes so high, why aren’t counties doing more to protect themselves and their citizens? Unfortunately, there are many misconceptions about cyber security and what can be done to prevent attacks. Here are some of the most common.

  • “We have an IT guy, so we have cyber security.” But, as a rule, IT people are generalists, and you would not want your family doctor to do open heart surgery on you, would you?
  • “It costs too much.” Well, it’s A LOT less expensive than paying a ransom and/or having to buy all new computers for every employee. Cyber security prevention is actually very reasonably priced and can be done in stages to fit your budget.
  • “My staff is young, so they understand all that stuff.” Any organization’s biggest cyber security weakness is its employees, but you can turn your staff into your most significant asset with regular training from qualified cyber security experts.
  • “We are too small to be a target.” As mentioned earlier, cyber criminals ARE going after smaller targets because they are easier to attack. It’s actually less work to get $85,000 from ten small organizations without strong cyber security than attacking a big organization with hopes of getting $850,000.
  • “We have cyber insurance, so we are covered.” Insurance companies refuse more claims than they pay. There are high cyber security prevention standards that victims have to meet, prior to the attack, for insurance to pay off.

Cyber security is everyone’s responsibility. It’s not a question of IF you will be attacked. You probably already have. It’s a question of if or when the cyber criminals will be successful.

Filed Under: Blog, News

Footer

CONTACT US

COMMONWEALTH SENTINEL

1230 US Highway 127 S
Suite #5
Frankfort KY 40601
(502) 320-9885

EMAIL US

ABOUT US

Cyber security consulting for local governments, non-profit organizations, and small businesses facing the threats of the cyber world.  At Commonwealth Sentinel, we are passionate about helping people be cyber-safe!

FOLLOW US

  • Email
  • Facebook
  • LinkedIn
  • Phone
  • Twitter
  • YouTube

Copyright © 2023 Commonwealth Sentinel

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT