https://www.americancityandcounty.com/wp-content/themes/acc_child/assets/images/logo/footer-logo.png
  • Home
  • Co-op Solutions
  • Hybrid Work
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcast
    • Latest videos
    • Product Guides
  • Resources & Events
    • Back
    • Resources
    • Webinars
    • White Papers
    • IWCE 2022
    • How to Contribute
    • Municipal Cost Index – Archive
    • Equipment Watch Page
    • American City & County Awards
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Privacy Statement
    • Terms of Service
American City and County
  • NEWSLETTER
  • Home
  • Co-op Solutions
  • Hybrid Work
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcasts
    • Latest videos
    • Product Guides
  • Resources/Events
    • Back
    • Webinars
    • White Papers/eBooks
    • IWCE 2022
    • How to Contribute
    • American City & County Awards
    • Municipal Cost Index
    • Equipment Watch Page
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Privacy Stament
    • Terms of Service
  • newsletter
  • Administration
  • Economy & Finance
  • Procurement
  • Public Safety
  • Public Works & Utilities
  • Smart Cities & Technology
  • Magazine
acc.com

Smart Cities & Technology


Adobe Stock

Article

State and local governments will be prime cyber targets in 2022: How to stay protected

State and local governments will be prime cyber targets in 2022: How to stay protected

  • Written by Tony D’Angelo
  • 16th February 2022

Cybersecurity in 2021 was defined by a significant increase in high-profile attacks that affected all levels of government, from federal to state and local.

As recently as December 2021, cyberattacks on state and local government’s key networks continue to occur. The recent string of malicious and dangerous attacks demonstrates an active threat to the critical infrastructure of state and local governments.

Research from Comparitech showed that in 2020, 79 ransomware attacks were executed against U.S. government organizations, totaling an estimated $18.88 billion in downtime and recovery costs and illustrating the severe risks that state and local governments face when it comes to cyberattacks.

Progressing into 2022, it’s clear agencies must be prepared to proactively protect themselves against cyberattackers by using comprehensive security solutions capable of providing protection from endpoint devices to the cloud.

Isolated, on-premises tools are no longer enough to tackle ever-evolving cyberthreats. To truly ensure secure networks, agencies must practice good cyber hygiene while investing in integrated platforms and solutions that can secure data at all access points.

Securing overlooked gaps
Years ago, attackers would use techniques like brute force attacks to find small cracks in an organization’s security, then exploit that entry point to take the entire infrastructure. While attackers still use this method, there are myriad other discreet ways for cybercriminals to find their way in.

Compromised credentials continue to pose a risk—Lookout’s Government Threat Report found more than 70 percent of phishing attacks against government organizations sought to steal login credentials, a 67 percent increase from 2019. The same report found that in 2020, one in 15 federal, state and local employees were exposed to a phishing attempt.

To protect their networks, state and local governments should begin to implement integrated, endpoint-to-cloud security solutions that provide increased visibility on the network by proactively and automatically monitoring for threats.

With remote work likely to continue, considering historically overlooked mobile devices is essential. Apps on personal and work-related mobile and other network-connected Internet of Things (IoT) devices constantly communicate with different entities and systems. Often, the interactions are not monitored, amplifying already exposed security gaps. For example, many organizations use HR software to send employees’ personal and financial information to payroll systems. Once the apps are connected, organizations often do not continue monitoring for changes in behavior.

Additionally, apps commonly used to collaborate with colleagues such as Workday, Microsoft365 and Slack can all present security gaps that cybercriminals can exploit, as evidenced by major events like the 2020 SolarWinds hack, whether because agencies aren’t monitoring activities on these platforms, new zero-day vulnerabilities are discovered by malicious actors or because security patches haven’t been implemented.

Something as simple as sharing a document with a compromised machine or malicious individual can lead to an opening for cybercriminals to infiltrate the network. Once on the network, a bad actor can easily move laterally and undetected through the enterprise’s technology infrastructure.

Creating a secure network
To help safeguard these networks, cloud security solutions, such as Secure Access Service Edge (SASE), can provide the comprehensive coverage that is necessary for state and local governments to defend networks and IT assets moving into 2022.

SASE works to enforce security policies in a manner tailored to identity by contextualizing and continuously monitoring activity, changes and risk in the cloud and cloud-based apps. As a result, SASE secures access to an agency’s cloud network regardless of the device requesting access or the location of the employee or device.

Other cloud-based security solutions, such as Cloud Access Security Broker (CASB), Zero Trust Network Access (ZTNA), Data Protection, Enterprise Digital Rights Management (E-DRM), Exact Data Match (EDM), Secure Web Gateway (SWG) and Optical Character Recognition (OCR) can also help keep track of new workflows while accounting for the device or location.

When combined, SASE and its related solutions help mitigate phishing, malware and ransomware threats by providing one overarching solution that supports continuous verification through combined cloud security solutions.

The necessity of automation
A critical benefit of SASE and other cloud solutions is their ability to provide continuous monitoring to safeguard networks for clients with limited technology resources.

State and local governments are by nature smaller than well-funded federal agencies but are no less of a target for cybercriminals. To combat this issue, state and local governments must recognize the need for threat-hunting capabilities, also known as detection and response.

Manually searching for threats within a network can be tedious and lead individuals to miss well-hidden threats. Tools like User and Entity Behavior Analytics (UEBA) can help automate this process by monitoring users’ typical behavior and flagging deviations from routine patterns using machine learning and data analytics.

Organizations such as the U.S. Office of Management and Budget (OMB) are taking notice of the need for automated solutions and are working to address it by providing funding guidance designed to help agencies adopt threat-hunting capabilities.

State and local governments are also following the federal government’s lead when it comes to improving cybersecurity. According to a new survey from SolarWinds and Market Connections, out of 400 decisionmakers from federal, state and local and education sectors, 86 percent said they were likely to incorporate best practices and activities laid out in the Biden administration’s cybersecurity executive order.

Interest in zero trust solutions is also on the rise, with 78 percent of respondents claiming they are either implementing their strategies based on the cybersecurity paradigm or are modelling their approaches based on zero trust best practices, a 14 percent increase from 2019.

Among the top motivators for the shift among respondents were breach protection, data protection and reducing security threats from the endpoint and from IoT devices.

Agencies can look to new tools help blunt rising cyberattacks
In 2022 we’ll likely see continued cyberattacks against state and local governments. However, with this cadence of threats comes advancements in new and proactive cybersecurity solutions.

Teaching employees cybersecurity best practices alone is not enough to defend against malicious attacks as remote work continues to increase interconnectivity and heighten security gaps.

Leveraging best practices and implementing automatic monitoring solutions such as SASE and UEBA can help ensure network safety, address often-overlooked gaps such as mobile devices and secure everything from the endpoint to the cloud.

 

Tony D’Angelo leads the Americas public sector team at Lookout, bringing more than 30 years of experience in the IT industry. Prior to joining Lookout, D’Angelo held various sales leadership roles at Proofpoint, Polycom, Brocade and Nortel. Originally from New York, Tony received his Bachelor of Science in mechanical engineering from the University at Buffalo and has spent his entire professional career in Washington, D.C. Having joined Lookout in 2019 to lead the Americas commercial enterprise team, he now heads the combined federal-SLED business unit.

 

Tags: homepage-featured-2 homepage-featured-3 homepage-featured-4 Administration Smart Cities & Technology Administration Smart Cities & Technology Article

Most Recent


  • How 5G is making cities safer, smarter, and more efficient
    This article first appeared on Urgent Communication. It’s a scenario we’ve all experienced: an ambulance with a blaring siren racing against time to get a person in medical distress to a hospital through traffic. What we don’t see is 5G connectivity enabling paramedics to communicate with hospital staff via video conference and coordinate care in […]
  • ARPA funds
    Spending American Rescue Plan Act funds: A primer for municipalities
    The American Rescue Plan Act (ARPA) of 2021 is a $1.9 trillion legislative package that includes funding for states, local governments and tribal nations to respond to the economic and public health impacts of the COVID-19 pandemic. While initially restricted, subsequent guidance from the federal government has expanded what those funds can be used for. […]
  • landslides
    Managing landslides along road corridors using remote sensing
    Maintaining roads is an optimization problem. Local officials must balance limited and sometimes shrinking budgets with the needs of their communities to have safe and reliable transportation systems. Unfortunately, the importance of a particular maintenance issue is often judged based on anecdotal information and complaints from the public rather than hard data. This approach is […]
  • resilience
    Report: Prioritizing neighborhood infill, expanding transit options increases neighborhood resilience
    With the threat of climate change looming, cities that prioritize neighborhood resilience and equity will be best equipped to withstand future challenges. Last week, the United States Conference of Mayors and the Wells Fargo Institute for Sustainable Finance released a report highlighting strategies for communities looking to address the impact of the climate crisis. “Mayors […]

Leave a comment Cancel reply

-or-

Log in with your American City and County account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Assessing cyber readiness—Where to begin?
  • Respecting employees’ health data: How agencies can safeguard COVID-19 vaccination and test information
  • How state CIOs can reinvigorate technology systems in the new year
  • U.S. Conference of Mayors winter meeting features Pres. Biden, Speaker Pelosi; highlights challenges, success

White papers


Modernizing government services for today’s resident expectations

24th January 2023

Preparing Your Community Now for the Next Generation of Older Adults

18th October 2022

Helping Government Fleets Achieve Their Goals

30th September 2022
view all

Webinars


How To: Evaluate Digital Government Service Delivery Technologies

23rd January 2023

Using Technology to Enhance Communications

29th November 2022

Learn the benefits of transforming and automating your Contract Management process

4th November 2022
view all

PODCAST


Young Leaders Episode 4 – Cyril Jefferson – City Councilman, High Point, North Carolina

13th October 2020

Young Leaders Episode 3 – Shannon Hardin – City Council President, Columbus, Ohio

27th July 2020

Young Leaders Episode 2 – Christian Williams – Development Services Planner, Goodyear, Ariz.

1st July 2020
view all

GALLERIES


Report: While remote work is causing offices to empty out, walkable cities are still in high demand

26th January 2023

10 American cities with a great downtown

24th January 2023

Miami leads the way in FT-Nikkei ranking of best U.S. cities for foreign companies

20th January 2023
view all

Twitter


AmerCityCounty

How 5G is making cities safer, smarter, and more efficient dlvr.it/ShYNcx

27th January 2023
AmerCityCounty

Shifting city demographics present an opportunity to build coalitions, address inequality dlvr.it/ShYMMm

27th January 2023
AmerCityCounty

Spending American Rescue Plan Act funds: A primer for municipalities dlvr.it/ShXzvl

27th January 2023
AmerCityCounty

Report: While remote work is causing offices to empty out, walkable cities are still in high demand dlvr.it/ShVhBW

26th January 2023
AmerCityCounty

Managing landslides along road corridors using remote sensing dlvr.it/ShTpL6

26th January 2023
AmerCityCounty

Report: Prioritizing neighborhood infill, expanding transit options increases neighborhood resilience dlvr.it/ShRrFM

25th January 2023
AmerCityCounty

10 American cities with a great downtown dlvr.it/ShNxXH

24th January 2023
AmerCityCounty

With a few strategies and tools, public procurement directors can recruit new, diverse staffers dlvr.it/ShNnj4

24th January 2023

Newsletters

Sign up for American City & County’s newsletters to receive regular news and information updates about local governments.

Resale Insights Dashboard

The Resale Insights Dashboard provides model-level data for the entire used equipment market to help you save time and money.

Municipal Cost Index

Updated monthly since 1978, our exclusive Municipal Cost Index shows the effects of inflation on the cost of providing municipal services

Media Kit and Advertising

Want to reach our digital audience? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • IWCE’s Urgent Communications
  • IWCE Expo

WORKING WITH US

  • About Us
  • Contact Us

FOLLOW American City and County ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.