Cybersecurity Challenges to American State and Local Governments

نویسندگان

  • Donald Norris
  • Anupam Joshi
  • Timothy Finin
چکیده

In this paper, we examine cybersecurity challenges to American state and local governments. In particular, we address the extent and magnitude of cyberattacks against these governments, the problems these governments face in preventing attacks from being successful, the barriers internal to their organizations that make cybersecurity difficult to achieve, and actions that they believe should be taken to improve cybersecurity practice. Our research method consisted of a focus group of information technology (IT) and cybersecurity (CS) officials from one American state. Among other things we found that cyberattacks, mostly in the form of malicious emails, are constant, 24/7/365, and can number in the tens of thousands per day (at least among state government and larger local governments). The participants in our focus group noted that while they weren't perfect at it, they felt that for the most part they had the technical side of cybersecurity under good control. These governments’ biggest cyber challenge is human error; that is, end users who (mostly by mistake and without malice) open an attachment or click on a link in a phishing email that then allows an attacker into the government’s IT system. We also found that the probability of a successful phishing cyberattack is relatively high. These governments face several barriers when attempting to prevent cyberattacks and when endeavoring to mitigate successful ones, including: insufficient funding and staffing; problems of governance (namely, lack of control over all actors within a governmental unit due mainly to the federated nature of government); and insufficient or under-enforced cybersecurity policies. Our participants also noted that there are several common sense ways that state and local governments can improve cybersecurity. Among others, these include: frequent vulnerability assessment, continual scanning and testing, securing cybersecurity insurance, improving end user authentication and authorization, end user training and control, control over the use of external devices (flash drives, etc.), improved governance methods, sharing information about cyberattacks and cybersecurity policies and practices among governments, and, finally, creating a culture for cybersecurity in governmental organizations. Areas for further research into state and local government cybersecurity include: the types of cyberattacks that state and local governments typically face; the types of actions that these governments should take to prevent the attacks from being successful and to mitigate the results of successful attacks; gaps between these governments’ need to prevent and mitigate cyberattacks and their ability to do so, including barriers to effective state and local government cybersecurity and best cybersecurity practices; and recommendations for improving state and local government cybersecurity.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

GAO-05-434 Critical Infrastructure Protection: Department of Homeland Security Faces Challenges in Fulfilling Cybersecurity Responsibilities

To view the full product, including the scope and methodology, click on the link above. For more information, contact David Powner at (202) 512-9286 or [email protected]. As the focal point for critical infrastructure protection (CIP), the Department of Homeland Security (DHS) has many cybersecurity-related roles and responsibilities that we identified in law and policy (see table below for 13 ke...

متن کامل

Cybersecurity or Privacy [Guest editors' introduction]

C ybersecurity is a major concern—the IT infrastructures of governments, industry, and even hospitals are being penetrated with increasing frequency and sophistication. The growth of mobile and Internet of Things (IoT) devices will provide many benefits, but will also create new cybersecurity and privacy challenges. If at all, to what extent should we give up on the freedom from being observed ...

متن کامل

Perception, Adaptation Strategies and Challenges of Climate Change among Rural Households in Anyigba, Dekina Local Government Area Of Kogi State, Nigeria

Climate change is one of the most serious challenges confronting agriculture, particularly, in rural Nigeria. This study examined the perception, adaptation strategies and challenges of climate change among rural households in Kogi State, Nigeria. A two stage sampling techniques was used in the study. The first stage involves the purposive selection of six (6) rural farming communities, followe...

متن کامل

An Approach to Governance of CyberSecurity in South Africa

A government has the responsibility to provide, regulate and maintain national security, which includes human security for its citizens. Recent declarations from the UK and USA governments about setting up cybersecurity organisations and the appointment of cyber czars reflect a global recognition that the Internet is part of the national critical infrastructure that needs to be safeguarded and ...

متن کامل

Implementing Federalism in the Health System of Nepal: Opportunities and Challenges

Nepal moved from unitary system with a three-level federal system of government. As federalism accelerates, the national health system can also speed up its own decentralization process, reduce disparities in access, and improve health outcomes. The turn towards federalism creates several potential opportunities for the national healthcare system. This is because decision making has been devolv...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2017