Cities and counties should ID their IT assets as they work to eliminate ransomware risksCities and counties should ID their IT assets as they work to eliminate ransomware risks

Every organization faces cybersecurity risks, says Wen Masters, vice president of Cyber Technologies at MITRE. “Ransomware attacks in recent years have made victims in virtually every sector and across elements of government at all levels.” She points to “The State of Ransomware 2024” report from Sophos that spotlights wide-ranging cyber vulnerabilities. 

MITRE is a non-profit government R&D services provider that operates six federally funded R&D centers (FFRDCs) on behalf of the U.S. government. One of the centers it manages is the country’s only FFRDC dedicated solely to cybersecurity.

Masters says there’s a process that cities and counties should follow to ensure the security of their IT systems. “Local governments should first identify all their assets and understand their cybersecurity posture.” One of the challenges, she explains, is that much of the equipment deployed within a city-county is owned by a variety of organizations.

“As we learned during MITRE’s smart city initiative, some equipment is county-owned, some is city-owned, and some is under contract with outside organizations.” An example of the latter is if the local power company-utility owns some power poles and attached equipment. “The variety of owners makes it hard to understand what equipment is present in a given area and what protections and cybersecurity practices are in place.”

Masters notes that cities and counties often don’t have the resources to adequately defend against cyber-criminals. “Local governments are often under-resourced with very small IT budgets and a lack of staffers who can help.” Masters adds that the public sector faces another challenge: lower pay levels. “Cities often can’t compete to get the right staff given the commercial organizations’ abilities to pay at much higher rates.”

Cities and counties can employ a variety of cybersecurity tactics and technologies to protect against hackers and ransomware threats, Masters says. “The MITRE Ransomware Resource Center, which focuses on the healthcare sector, provides multiple resources that local governments can implement to strengthen their defenses against cyber threats and enhance their overall cybersecurity posture.”

She explains: “Resources and tools on the Ransomware Resource Center are categorized around the five stages of the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework.” The following general themes summarize the NIST Cybersecurity Framework:

• Risk management and planning: This includes conducting risk assessments, developing comprehensive cybersecurity plans, and implementing incident response and disaster recovery strategies.

• Education and awareness: This theme focuses on training employees to recognize and respond to cybersecurity threats, such as phishing and social engineering.

• Access and identity management: IT managers should implement measures like multi-factor authentication and strict access controls to ensure only authorized personnel can access sensitive systems and data.

• Network and system security: Administrators employ techniques such as network segmentation, regular software updates, patch management, and endpoint protection to safeguard systems against vulnerabilities and attacks.

• Data protection and recovery: Systems managers ensure data is encrypted and regularly backed up, with secure storage and tested recovery procedures to mitigate the impact of ransomware attacks.

• Monitoring and intelligence: Use threat intelligence services and continuous monitoring to detect and respond to suspicious activities and stay informed about emerging threats.

• Collaboration and information sharing: IT directors engage in networks and partnerships with other entities to share information and best practices for cybersecurity.

Masters tells Co-op Solutions that the National Cybersecurity Center of Excellence (NCCoE) is another asset that local governments should consult for IT security tips and advice. “The center provides resources on cyber best practices and implementation guides to help organizations select and deploy cyber products. These products can aid in addressing common security gaps.” MITRE operates the National Cybersecurity FFRDC, which is the FFRDC that supports NCCoE.

Masters believes artificial intelligence (AI) can potentially be both a help and a hindrance for cities and counties to secure their IT systems. She explains that AI can help to automate and support some defensive cyber operations functions. These defensive tools, she notes, can potentially lessen the need for the agency’s hiring highly skilled cybersecurity analysts and subject matter experts.

The MITRE executive offers this caution: “On the other hand, the AI systems themselves need to be secured; this is an area where experience is still being gained. AI has great potential to help cities and counties secure their IT systems, but more work is needed to reach that objective.”

OMNIA Partners, who sponsors this page, offers a robust portfolio of cooperative contracts in the public procurement space. The firm lists a number of cooperative contracts under the keyword “security.”