In the wake of last December’s SolarWinds cyber attack, it’s become apparent that the fallout from the hack didn’t just damage the federal government’s cybersecurity defenses, but state and local government’s as well. No less of a target than their federal counterparts, state and local government cybersecurity’s top three issues are budget, talent, and increasing cyber threats. Although the threats they face may differ, both federal and state government share a need for additional threat intelligence sharing and a solution to the cyber skills shortage.
The state of local government cybersecurity
Since 2017, attacks on state and local governments have risen by almost 50 percent, with average ransomware demands inflating from $30,000 to nearly half a million dollars. Because of their smaller size and their need to stay operational, state and local governments have become a favored target for threat actors – particularly ransomware operators – as smaller agencies are more likely to pay to recover from an attack. Even organizations that pledge not to pay ransoms often spend more on recovery than the attackers originally demanded; The city of Baltimore spent nearly $18 million recovering from an infection after refusing a $78,000 ransom, and a ransomware attack cost the New Orleans city government $7 million in 2020.
The global cybersecurity skills gap has led to a shortfall of 3.12 million cyber professionals, with state and local governments lacking “the right tools and people […] compared to federal” for managing cybersecurity risk, according to a Ponemon report. Additionally, as many government employees continue to work from home after the COVID-19 pandemic, remote workers have created a broader attack surface, and the steady adoption of cloud-based technology has likely weakened security further with the addition of yet more tools to secure. These tools are an unwelcome added cost for smaller government organizations, who tend to have smaller budgets than larger government agencies.
Federal v State
Compared to larger, federal-level government agencies, more state and local organizations describe their cybersecurity programs as being in the early and middle stages of maturity, and state government security professionals also ranked their ability to prevent, detect, contain, and recover from a cyber attack lower than federal professionals did.
Improving state and local government cybersecurity means making improvements to cyber threat detection and prevention. Federal agencies have been found to have a stronger cybersecurity posture than state agencies, as federal agencies rely more on intelligence sharing. Only 29 percent of federal respondents and 21 percent of state and local respondents feel that their organization’s collection and use of actionable intelligence is effective in predicting cyber threats. However, state and local government organizations have great opportunities for innovation, with workers in local government “more positive about their ability to innovate” than their federal peers, due to the flexible and autonomous nature of smaller governments.
Utilizing threat intelligence
After working on secure communications systems for the Department of Defense, Centripetal’s CEO Steven Rogers used his experience in government security to develop CleanINTERNET, a solution that aggregates over 3,500 cyber threat intelligence feeds, shielding ‘all risk’ threats automatically and delivering personalized threat intelligence insights to you and your team. By offering constant threat hunting on your behalf, we act as an extension of the cybersecurity team, alleviating the burden on smaller teams and bridging the cybersecurity skills gap, making existing security tools more viable. CleanINTERNET saves millions of dollars on separate cyber threat intelligence feeds, helping to mitigate the risk of non-compliance and making us one of the best solutions for state and government cybersecurity.