Ransomware. Phishing. Pharming. DoS. Malware. As we become more digitally interfaced and reliant on internet connected technologies for our day to day work, we are exposing ourselves to a host of potential cyber threats. These cyber threat actors covet the sensitive data that your municipality holds. Whether its information about your residents (permits, bill payments) or the infrastructure you operate (traffic cameras, water systems), this data is valuable especially as municipalities attempt to unlock efficiencies by offering more and more services online.
The bottom line is this: no municipality is immune from an attack.
With increasing incidents of municipalities experiencing cyber attacks over the last few years, cyber security has emerged as a key priority for AMO’s members. That’s why AMO reconstituted its Digital Government Task Force to explore cyber security opportunities that AMO and LAS could offer members.
The Task Force delivered a Municipal Cyber Security Toolkit designed to build cyber security knowledge as well as help members manage the risk of a potential attack with best practices and other policy considerations.
There is no silver bullet solution to municipal cyber security. That said, effective cyber security measures are built around a combination of technology measures to protect your critical IT systems and around appropriate education and training of council members and staff. The weakest point is often human error or misjudgment – someone receives an email and inadvertently clicks what appears to be a legitimate link that unleashes a ransomware program that blocks you out of your systems, effectively shutting down the municipality – so it is vital to educate and train council members and staff periodically about recognizing a potential cyber threat before it happens.
Cyber security is a shared responsibility across a municipality. It is not limited to just your IT staff but requires buy-in from across your organization to succeed. As elected officials, you are the custodians of the data within your municipality and you need to ensure that the sensitivity and security of that data is preserved. You need to know the threats that exist and the potential impact to your municipality. These can be the costs of dealing with an attack, the damage to your municipality’s reputation, the legal liability and risk you might face just to name a few. That is why it is vital that you champion robust cyber security measures within your municipalities. AMO’s Municipal Cyber Security Toolkit can be used to guide those conversations.
Ultimately, the Digital Government Task Force determined that AMO can create positive outcomes around municipal cyber security through appropriate education and training of both council members and municipal staff. We will be working closely with our partners from MISA-Ontario on the development of a cyber security education module.
Together with MISA-Ontario we are co-hosting a free Municipal Cyber Security 101 Forum on October 22, from 10 am to 1.30 pm (EDT) where participants will learn cyber security basics, how to implement the right training, and hear from experts about how strengthening cyber security should be the default setting of your municipality. We hope you can join us for that event.