Report: Local cybersecurity programs are facing headwinds as threats, technologies evolve

The evolving technological landscape isn’t just changing the nation’s social and economic norms, it’s also pushing local governments to adapt. A new analysis from the Public Technology Institute provides a snapshot of the challenges local cybersecurity programs are facing, and the priorities of city and county administrators as they guide organizations through an unprecedented era of digital evolution.

“Today, no technology article, report, or discussion would be complete without a mention of Generative AI,” reads a forward to the analysis, “2023 Local Government Cybersecurity National Survey,” written by Alan Shark, executive director of the Public Technology Institute. “Local governments are utilizing AI to deliver services to the public, as a tool to make their enterprises more secure, and exploring a variety of potential uses that would improve government operations. As we utilize and explore AI, what are the risks we need to be aware of? What are the possible rewards? And how do we ensure that local government employees understand the impact of how they use AI?”

Shark noted a number of challenges faced by local governments including internal and external security threats, staffing and employee education challenges, and funding shortages. Notably, the U.S. Department of Homeland Security slated $374.9 million in 2023 to address cybersecurity risks and threats to local systems, although the funding impact is limited because of the high number of organizations eligible for grants.

In a survey of 30 local government IT executives included in the analysis, 23% said they’re “very engaged when it comes to organization-wide cyber security efforts,” while 67% said they’re “somewhat engaged,” the report says. Thirty-six percent said they “feel that their budget is adequate to support cybersecurity initiatives,” and that “developing and maintaining a cybersecurity strategy is the number one priority initiative for the coming year.” Conversely, 64% said it’s not sufficient—a datapoint that’s nearly unchanged over the last year.

And as local administrators work to address cybersecurity challenges, the increasing sophistication of digital attacks is making things difficult. To meet these and other challenges, 40% of respondents said they’re turning to vendors that utilize AI solutions for cybersecurity support. Looking to the future, administrators said they intend to prioritize cybersecurity strategy most of all, followed by risk assessments, malware detection and mitigation, multifactor authentication, and zero trust. Artificial intelligence and robotic automation are the least prioritized strategies.

But while there are challenges, Shark noted that local government administrators are rising to meet them.

“Numerous examples exist of successful vendor and partner engagement; there is increasing recognition by elected officials that cybersecurity is a priority, there is increased resource sharing between state and local government, and many organizations are implementing programs that promote cross- training, internships, and other opportunities to improve the skills of our cyber workforce,” Shark wrote.

For more information and to review the full report, visit the Public Technology Institute’s website.