Washington’s state and local governments possess countless IT systems that provide critical government services and handle vital and sometimes very personal data. The public expects government to do all it can to ensure that these systems are secure to ensure services are not interrupted, and stored data is not lost, stolen or damaged.
The Office of the Washington State Auditor launched the Cyber Checkup program in 2023, and one common result we found from this program is that local governments lack or need to improve their information technology (IT) policies.
A novel Washington program to help local governments quickly improve their cybersecurity was honored by the National State Auditors Association during its recent conference in Boise, Idaho.
The Center for Government Innovation at the State Auditor’s Office is celebrating: its newest service, the cyber checkup, is one year old. These checkups provide a fast, no-cost, independent review of local government cybersecurity programs.
It's #CybersecurityAwarenessMonth, and we thought local governments should be aware of our free cyber checkups!
We reviewed the results of cyber checkups after the program’s first year. We identified the topics that most local governments need to improve. The most common was needing to implement or improve IT policies. We first published this article in October 2023, but due to its importance, we’re republishing it as a reminder. Also, keep a watch for an upcoming article that reviews results from the cyber checkups.
Your government was probably the target of a socially engineered attack today. Fortunately, many of these types of cyberattacks are stopped by filters and firewalls before they ever reach you. But some attacks are successful because criminals find another vulnerability to exploit: you. According to a recent Verizon Data Breach Investigations Report, 85 percent of data breaches were caused by an employee.
As cyberattacks grow in sophistication, most folks in government know they need to be prepared with strong software and hardware security protocols. And while these technologies will provide protection against a variety of threats, they offer little protection from a major risk factor: your own employees’ actions.
Public services of all types depend on specialized computer systems and information technology applications. However, all too often those applications are out of date. In fact, between 40 percent and 60 percent of Washington state’s government applications should be considered “legacy applications” according to Washington Technology Solutions, the state’s centralized provider of IT services.
Local governments are fast becoming attractive targets for cyber criminals because of the vast amounts of sensitive data they maintain about their employees, infrastructure and residents. To keep pace with the constantly evolving threats and tactics, it's essential that you understand how to minimize your government's risk of attack.