In 2022, the FBI issued a Private Industry Notification to local governments and public services:

Bad cyber actors have been “conducting ransomware attacks on local government agencies,” which have resulted in “disrupted operational services, risks to public safety, and financial losses.”

Even more concerning?

According to incident reporting for all of 2021, local government entities were the “second highest victimized group” behind schools—and there are no signs of attacks slowing down in the future.

Even as state and local governments are increasingly becoming targets of cyberattacks, and despite the known risks and increasing threat levels, securing adequate resources and funding for municipal cybersecurity initiatives can be difficult.

In a 2023 Gartner study of CISO agendas for state and local governments, the top three priorities for the year were:

  1. Investing In/Implementing Cybersecurity
  2. Technology Modernization
  3. Digital Transformation

However, these initiatives are often easier said than done. That’s why the study also identified the top three challenges for implementing these digital changes:

  1. Ensuring business leaders understand the possibilities
  2. Competing expectations from different stakeholders
  3. Agreeing on a shared vision across different parts of the enterprise

Gartner’s advice to overcome the obstacles?

“Deepen relationships with executives and stakeholders to better align digital investments to their mission, strategies and competing priorities.”

These reports are in keeping with data from Comcast Business and The Atlas, a free resource for local government leaders to “browse case studies, follow topics and crowdsource ideas and advice,” one of the most effective ways municipalities can create a culture shift toward cybersecurity is by “building risk assessment into processes,” like vendor selection.

Picking the right vendors (and understanding the scope of their data needs) allows for risks to be accounted for and reduced upfront—which is crucial, as proactive mitigation is one of the most critical cornerstones of combatting cyberattacks.

The only way to be proactive is by having a comprehensive understanding of the state of your current infrastructure.

Get the information and tools necessary to communicate your cybersecurity needs effectively with our Technology Roadmap Checklist.