As American City & County explains, "There is a process that cities and counties should follow to ensure the security of their IT systems. Local governments should first identify all their assets and understand their cybersecurity posture."
"Every organization faces cybersecurity risks," says Wen Masters, vice president of cyber technologies, MITRE. "Ransomware attacks in recent years have made victims in virtually every sector and across elements of government at all levels."
"As we learned during MITRE's smart city initiative, some equipment is county-owned, some is city-owned, and some is under contract with outside organizations," says Masters. An example of the latter is if the local power company-utility owns some power poles and attached equipment.
"The variety of owners makes it hard to understand what equipment is present in a given area and what protections and cybersecurity practices are in place," adds Masters.