Are your IT policies strong enough? Chances are, probably not

We reviewed the results of cyber checkups after the program’s first year. We identified the topics that most local governments need to improve. The most common was needing to implement or improve IT policies. We first published this article in October 2023, but due to its importance, we’re republishing it as a reminder. Also, keep a watch for an upcoming article that reviews results from the cyber checkups.

You’re the weakest link: How to avoid revealing your government’s sensitive information to hackers

Your government was probably the target of a socially engineered attack today. Fortunately, many of these types of cyberattacks are stopped by filters and firewalls before they ever reach you. But some attacks are successful because criminals find another vulnerability to exploit: you. According to a recent Verizon Data Breach Investigations Report, 85 percent of data breaches were caused by an employee.

Regular training can help your employees be your first line of defense against cyberattacks.

As cyberattacks grow in sophistication, most folks in government know they need to be prepared with strong software and hardware security protocols. And while these technologies will provide protection against a variety of threats, they offer little protection from a major risk factor: your own employees’ actions.

New report, resource published on managing outdated government software applications

Public services of all types depend on specialized computer systems and information technology applications. However, all too often those applications are out of date. In fact, between 40 percent and 60 percent of Washington state’s government applications should be considered “legacy applications” according to Washington Technology Solutions, the state’s centralized provider of IT services.

Smart governments know cyber health is key. Talk to SAO’s Center for Government Innovation today about a free checkup!

Local governments are fast becoming attractive targets for cyber criminals because of the vast amounts of sensitive data they maintain about their employees, infrastructure and residents. To keep pace with the constantly evolving threats and tactics, it's essential that you understand how to minimize your government's risk of attack.

Cybersecurity Special Report 2023: Roundup of 2022 audits and other work

Washington's state and local governments possess countless IT systems that provide critical government services and handle vital and sometimes very personal data. The public expects government to do all it can to ensure that these systems are secure to ensure services are not interrupted, and stored data is not lost, stolen or damaged.

Does your government use electronic disbursements? SAO offers tips and resources for evaluating your cyber fraud risks

The disruptions caused by the COVID-19 pandemic resulted in increased dependence on technology and electronic payment networks. This shift has created new opportunities for bad actors to steal public resources and assets from your government. By using various cyber fraud schemes, such as fake email addresses or compromised email accounts, bad actors are successfully tricking governments into rerouting electronic disbursements to their own accounts. And the fraudsters are raking in a hefty profit.

Do you have employees working remotely? Help them protect your government’s data

The COVID-19 pandemic forced local governments to rapidly convert many office employees to work-from-home employees. While some have returned to the workplace, many employees continue to work either fully or partially remotely. Working from home has many benefits, but it also brings additional risks because remote workers are more vulnerable to cybercrime than those who work in the office.