Published on May 13th, 2022 📆 | 5980 Views ⚑
0Employees Are Front Lines For Government Cybersecurity Defense
Cybersecurity continues to be a nagging threat for state and local governments. We see varying headlines blare on almost a daily basis that state and local governments need to be on alert for heightened risk of cyberattacks.
Sadly, over the past few years, we have seen how devastating a cyberattack can be on both our physical and digital critical infrastructure systems. We have witnessedâtoo oftenâhow a cyberattack has real-world implications that can lead to a wide variety of issues, from crippling hospitals to blackouts to water supply disruptions to traffic management system takedowns and worse.
Although the obstacles to combat cyberattacks seem daunting, they are surmountable. The best cyber defense is in your organizations: It is state and local government workers. While cybersecurity tools are vital, the âsecret sauceâ of the most cyber-secure organizations is their culture and their employees.
Employees can be your weakest link or your strongest cyber advocate. Every cybersecurity technology you deploy is only as strong as the people using it. Too often cybersecurity budgets are only focused on the investment in technologies and IT staff. It is time that we all make an investment in our people, our organizational culture and our cyber hygiene.
The weight of the cybersecurity burden should not just fall on the CIO, CSO and their teams because cybersecurity is every employeeâs responsibility. It is imperative that every employee know that they have a critical role in the organizationâs cybersecurity posture and fully understand what that means on a day-to-day basis.
What Can Governments Do?
What can state and local governments do to build a culture of cybersecurity and empower everyone within their organizations to be part of the solution? At the Cyber Readiness Institute, we have identified four foundational pillars.
Create strong passwords and authentication. Weak passwords are the point of entry for far too many cyberattacks. Every employee should use a 15-character password or passphrase and every government organization should require multi-factor authentication or MFA, also known as two-factor authentication, on their critical systems. MFA offers a human-centered technical solution. With MFA, the employeeâs password is no longer your organizationâs only line of cyber defense.
Install updates and patches. If not automated at the enterprise level, all employees should understand the importance of installing operating system updates and security patches when they become available.
Check for phishing emails. Phishing attacks remain the oldest and most efficient way to infiltrate cyber defenses. Yet, it is one of the most preventable types of attacks. Employees should verify the source before clicking on links in emails. They can do this by checking the âfromâ email address, not just the name in the window. If an email appears questionable, it probably is.
Steer clear of removable media devices. Â Data isnât meant to travel. USBs and other removable media devices can carry malware and viruses. Steer clear of them. If you canât, set up a secure process for testing external media before using.
Cybersecurity begins with a clear and open dialogue that doesnât begin and end at employee orientation. A workplace that takes cyber readiness seriously needs to reinforce the ramifications of cyber risks and the protections and good practices to mitigate them. That message must be shared repeatedly.
The attacks wonât stop coming so neither should your efforts to bolster your employeeâs ability to prevent them.
Gloss