OPENING L INES Source- americancityandcounty.com, Gary Barlet, First Published 22nd March, 2024 The 2023 Local Government Cybersecurity National Survey found that more than 60 percent of IT officials at state and local organizations believe their budgets are inadequate to support their cyber programs. And only about half of their employees continually participate in cybersecurity training throughout the year, revealing a lack of engagement in IT security programs across their organizations—including from elected officials. Among these concerns, IT officials stated that an increase in sophisticated threats and lack of cybersecurity staffing are the top barriers their organizations face when addressing cybersecurity challenges. Despite perpetual constraints in cyber resources for state and local governments, organizations can proactively address these barriers. By prioritizing strategic investments and maximizing existing resources, they can enhance their cyber defenses against threats and maximize their return on investment (ROI) in cyber. Cultural shift: Assume breach mindset While state and local governments are not mandated to meet a Zero Trust deadline, as required for federal government agencies, there are still proactive steps that they can take to improve cyber defenses and put themselves in a better position to defend against potential cyber threats. To start, it’s crucial for everyone to adopt an “assume breach” mindset—meaning accepting that breaches are inevitable and that our world is more hyperconnected than ever before. When we typically think of defending against cyber threats, we think of preventing them. However, as our hybrid, hyperconnected world has evolved, prevention can no longer be the only goal, as it is not always attainable in this new threat landscape. As the threat landscape has grown more severe and unrelenting, the goal must take it up a level and ensure critical information remains safeguarded and operations continue in the face of inevitable attacks and breaches. The crucial need for organizational participation Similar to federal agencies’ adoption of Zero Trust, the cultural shift of assume breach goes beyond technology implementation, requiring active involvement from SecOps teams to CIOs to the entire C-Suite to prepare for breaches and ensuring operations aren’t impeded. Leadership buy-in and participation is essential BEYOND THE BARRIERS: MAXIMIZING ROI IN CYBERSECURITY IN LOCAL GOVERNMENT ORGANIZATIONS 11 CIVIL AND MUNICIPAL VOLUME 5, ISSUE 03
RkJQdWJsaXNoZXIy MTI5MjAx