Report: City and county administrators are prioritizing their cyber defenses

Given the high profile digital attacks against government organizations that have captured public attention in recent years, it’s no surprise that bolstering cyber defenses is a high priority for local internet technology managers. In a recent survey of city and county administrators by the CompTIA Public Technology Institute, a research firm, respondents overwhelmingly cited cybersecurity as their top priority over the next few years—continuing a trend that’s ramped up in momentum over the recent decade as criminals launch increasingly complex digital salvos.

“Last year ‘Cybersecurity/data loss prevention’ was a top priority for 88 percent of respondents. For 2022 this concern continued to hold the top spot with nearly unanimous (97 percent) support,” reads the report, the “State of City and County IT National Survey.” Analysts cite Russia’s unprovoked invasion of Ukraine and last year’s Colonial Pipeline cyberattack as two major impetuses that’ve shifted focus onto the need for stronger cybersecurity within the public sector.

As an example of this evolution, the report notes that New York Governor Kathy Hochul announced earlier this year the creation of a Joint Security Operations Center (JSOC). The center was designed “to coordinate state efforts to anticipate potential cybersecurity threats and respond to security incidents,” according to a statement from the governor’s office. The New York initiative builds on funding distributed to local governments through the American Rescue Plan Act.

It’s not just an increase in cyberattacks and the need for stronger cyber defenses that’s driving priorities. Substantial changes in society brought about by the pandemic over the last few years—like the sudden influx in those working from home—have shifted administrators’ priorities. 

In the technology institute’s survey, behind cybersecurity, “‘Modernizing outdated IT systems’ leaped to number two as COVID business disruptions likely exposed the brittle platforms that inhibited remote flexibility. It also comes as no surprise that IT leaders would have a lot of pent-up desire to revisit ‘innovation’ after two years of being in reactive mode,” the report says.

A little more than 60 percent of respondents said modernization and innovation were a high priority in the years ahead. Other priorities noted include launching digital services; addressing the integration of disparate systems; addressing data silos; and streamlining procurement processes.

It’s not just technical aspects of public sector IT that’s evolving. From the human resources side, public sector administrators are facing a hiring crisis. 

“Technology executives are finding it increasingly difficult to retain current staff and find new employees to maintain IT operations at an effective level,” the report says. “This includes the issues of IT employee burnout, a hot IT job market, and changing technical and professional skills that are required as IT expands its profile and capabilities.”

Meeting these new technological and administrative demands, the percentage of city and county administrators who said they expect their IT budgets to increase in the next budget cycle increased substantially over last year’s survey results. 

“Expectations for budget increases soared in this year’s survey with a slim majority (51 percent, up 19 percent from 2021) anticipating an increase of 1 percent to 4 percent and another 33 percent (up 16 percent vs. 2021) anticipating an increase of 5 percent or more,” the report says. “This can be attributed in part to the Biden administration’s American Rescue Plan Act (ARPA), which has been funneling an unprecedented amount of federal fiscal relief to cities and counties—$45.6 billion to metropolitan cities and $65.1 billion to counties—in two separate distributions in 2021 and 2022.”

As communities adjust to emerging cyber threats and prioritize their cyber defenses —an action that’s made possible via the increased federal funding—86 percent of administrators are bolstering their defense systems by prioritizing data backup, integrity and restoration; 67 percent said they’re modernizing defenses; 64 percent said they’re further establishing a security mindset; 62 percent said they’ve increased their efforts to train general staff members in best practices; and 59 percent are developing or testing cybersecurity incident response plans.

This acknowledgment of the digital threat landscape is impacting communities more broadly. Another digitally relevant shift highlighted by the report among cities and county administrators is a newfound embrace of emerging technologies like edge computing and the development of smart city strategies. About half said they’re actively developing either a comprehensive or partial smart city strategy. 

“Localities were at the forefront of the response, being guided by state and federal authorities—and sometime blazing their own trail based on local conditions. However, it could be that the rapid collaboration among agencies has laid the groundwork for smart government advances,” the report says. As communities emerge from the pandemic and confront unknown and unseen digital threats, “Now is the time to strengthen relationships with your organization’s leadership—appointed and elected—and to build on the lessons- learned over the past two years to better position IT as a trusted partner within the organization.”