In a recent post at the The City Innovators Forum, they share how city leaders have several ideas on how to leverage protection and planning against ransomware attacks.
1) Create a Risk Register, which is an inventory of assets categorized by high, medium, and low, so the city understands what data is available and what is most critical to protect. Funnel efforts to secure the most critical data first. 2) Do penetration tests to find vulnerabilities in the system. Some city leaders suggested enlisting the help of high school and college students in hackathons to identify security vulnerabilities and possible solutions for remediation. 3) Create an incidence response plan that details how the city will identify, detect, and react to a security breach, should one happen. Conduct security awareness training regularly. Software such as KnowBe4 can be used to train and test city employees and also identify potential weaknesses in the system. Some cities also do emergency management tabletop exercises across the entire city. 4) Carry enough cybersecurity liability insurance to get the city through an attack if needed. Once you follow the above steps and put control mechanisms in place, the insurance company may even lower your liability rate. 5) Back up data in other locations and in the cloud to ensure business continuity and disaster recovery. 6) Stay on top of what is happening by getting threat assessments and threat updates. 7) Build a better network from the inside out, knowing that many ransomware events happen from someone within the organization. 8) Learn from others. The city of Los Angeles gets hacking information from a group of local businesses, and cities can also learn from each other.
As one city leader put it, when it comes to cybersecurity, “It’s the risk mitigation game.” Learn more at The City Innovators Forum. If you appreciate Smart Cities content, also visit Spark Growth at www.sparkgrowth.net