
Three ways cities can improve their cybersecurity resilience

Todd Weller, Bandura Cyber, explores how increasingly connected cities can mitigate growing cyber threats.


Recently, the Wall Street Journal published an article on the steps American cities are taking to improve their cybersecurity: More U.S. Cities Brace for ‘Inevitable’ Hackers. The consensus is clear: cyber-attackers are increasingly targeting cities, and cities are increasingly looking to cybersecurity insurance to mitigate this risk.


However, while cybersecurity insurance is undoubtedly necessary, its benefits are largely reactive unless cities make the effort to take full advantage of the policy and build other risk-reduction efforts into their cybersecurity operations, such as using and sharing threat intelligence or working with MSSPs (managed security service providers) to plug any gaps.


Financial and political motivations


Cities and government organisations have access to a wide variety of personally identifiable and sensitive information that is attractive to attackers. Increasing electronic transaction capabilities mean that cities and governments have access to and are storing an increasing amount of sensitive data.




At the same time, cities are increasingly seen as great targets for attacks, given their lack of cybersecurity defence capabilities. Almost four in ten (38 per cent) local governments use technology that is at least one generation out of date, and less than half have cybersecurity insurance, according to a 2016 survey of CIOs for jurisdictions in the US.

While access to sensitive data is a lure for hackers, it’s not the only one. For example, earlier this year the City of Atlanta was the victim of a ransomware attack. In this case, the goal of the attacker wasn’t to access sensitive information but to disrupt the city’s operations to drive a ransom payment to alleviate the pain.

Influencing and disrupting political processes is another clear goal of cyber-attacks that target state and local organisations. Through ‘election hacking’, nation-state hackers deal blows to the integrity of the election process by accessing, stealing and even changing voting information.

The rise of cyber-insurance

Regardless of the goal of attackers, it’s clear that cyber-attacks result in increased risk and exposure for cities and local government organisations. This risk includes both monetary and non-monetary impacts, like the organisation’s reputation. The latest estimates suggest that it cost Atlanta $17 million to recover from the ransomware attack.


The use of cyber-insurance is not only more popular and necessary than ever before, but it is also becoming a board-level requirement.


Given the increasing prevalence of cyber-threats and the real costs associated with them, it is not surprising that more cities and other organisations are turning to cyber-insurance to mitigate risk. The WSJ article indicated that “a majority of the 25 most-populous US cities now have cyber insurance or are looking into buying it.”




Improving cyber-resilience


1. Use, share and take action by employing threat intelligence

The cyber fight is far too large for any one organisation to go it alone. Using actionable threat intelligence is now a required element of cyber-defence for individual organisations. When this threat intelligence is shared between a network of cities and governments, more threats are detected, and the benefits are multiplied.


The use of threat intelligence and information-sharing is becoming more critical in security frameworks like the NIST Cybersecurity Framework. To this end, state and local governments also work with MS-ISAC (Multi-State Information Sharing & Analysis Center). MS-ISAC provides relevant and actionable threat intelligence to state, local, tribal, and territorial governments. Specific to the topic of election security, organisations should also participate in the Elections Infrastructure ISAC.


Image from the MS-ISAC blog

2. Consider partnering with a managed security services provider (MSSP)


While cities like Los Angeles can afford to staff and operate their own security centre, other cities, towns, and state and local governments are grappling with a shortage of skilled security staff. Cybersecurity defence is now a 24/7 job, and it’s not economically viable or practical for most organisations to staff a 24/7 security monitoring operation on their own.


In this area, partnering with an MSSP makes sense. MSSPs provide a wide array of services that range from full IT security outsourcing to augmenting an internal IT security effort with 24/7 monitoring. MSSPs can also provide access to and advise organisations on next-generation cyber defence.

3. Get the most out of your cyber-insurance policy

Cyber-insurance is an interesting area because it bridges the C-suite and cybersecurity ranks within organisations. While there tends to be a lot of focus on the coverage side of cyber-insurance policies, it is important for organisations to ensure they are aware of all the policy benefits they have access to.


For example, as a part of its cybersecurity policy, insurer AIG offers a range of cyber technologies and services that policy-holders can access for free or at reduced rates. Because cyber-insurance is often driven more from the C-suite side of the house, many cybersecurity departments may not be fully aware of everything they have access to with their cyber-insurance policy.


This is worth exploring to make sure you are taking advantage of everything that comes with your policy.


Preparing for the inevitable


Cities, state, and local governments are increasingly the targets of cyber-attacks. This is not going to change.


As the City of Houston CISO, Chris Mitchell, said: "compromise is inevitable." Organisations are wisely taking steps to increase cyber-resilience. One of these steps is clearly the increasing adoption of cyber-insurance coverage. Beyond the monetary coverage benefits, organisations should make sure they are maximising the benefits of their policy by being aware of other benefits such as access to cyber technologies and services.


Beyond this, city, state, and local governments should look to use, share and take action with threat intelligence and consider partnering with an MSSP. Just taking these steps can go a long way in improving cyber-resilience.

