Generative AI, cyber insurance fill out city CISO toolbelts
Local government cybersecurity officials said during an online event Tuesday that procurement, cybersecurity insurance and generative artificial intelligence are all tools they can use to combat ransomware.
Officials said they continue to be concerned with ransomware attacks, a longstanding threat to the public sector that rose 51% during the first eight months of 2023 compared to the same period a year earlier, according to the Center for Internet Security.
“Unfortunately, Atlanta several years ago had a ransomware attack. So that is very fresh in their minds,” Atlanta Chief Information Officer Alan Greenberg said during StateScoop and EdScoop’s Cybersecurity Modernization Summit. “They are very incentivized to make sure they put in all of the proper protections.”
Local agencies often have strict procurement rules to ensure government has the opportunity to spend tax dollars on the most effective and cost-efficient technologies. But those slow processes can become obstacles to rapid response.
“This is a lessons learned — make sure you understand your entity’s emergency procurement process,” said Brian Gardner, chief information security officer of Dallas, which last year suffered a ransomware attack that knocked offline the court system and Dallas Police Department website. “When you have a [cyber] event, you don’t want that to be a tripping point for yourself to slowing your ability to recover down.”
Gardner urged security officers to familiarize themselves with state and local emergency contracting protocols so they can be ready for cyberattacks.
Kim Lagrue, New Orleans’ security chief, said she’s an advocate for cybersecurity insurance, which can help offset costs from common cyber risks, including data breaches and ransomware.
“Cybersecurity insurance gave us a blanket move forward,” Lagrue said. “But many areas, small municipalities, smaller organizations, struggle to afford cyber security insurance, as the premiums have escalated so high.”
According to a 2022 survey by the nonprofit CompTIA , 92% of local governments have a governmentwide cybersecurity policy for employee behavior and operations. The…
