Cyber attacks against businesses may dominate the news headlines, but recent events point to the growing number and range of cyber threats facing public entities and government agencies.
City officials yesterday confirmed that city and county computer systems in Madison, Wisconsin were being targeted by cyber attackers in retaliation for the shooting death of Tony Robinson, an unarmed biracial man, by a Madison police officer last Friday. A Reuters report says the cyber attack is thought to have been initiated by hacker group Anonymous.
Then on Sunday the website of Colonial Williamsburg was hit in a cyber attack attributed to ISIS. The attack targeted the history.org website and comes just a week after the living history museum offered to house artifacts at risk of destruction in Iraq.
Meanwhile, Florida’s top law enforcement agency is reported to be investigating testing delays in public school districts caused by cyber attacks on the Florida Standards Assessment (FSA) testing system.
And a recent cyber attack at multiple New York City agencies including the office of the NYC mayor recently took down computer systems for most of a day.
There are many more examples.
Given the large amounts of confidential data held by public entities and government agencies, it’s not surprising that they are a target for cyber attacks.
Last year data breaches in the government/military sector accounted for 11.7 percent of U.S. breach incidents, according to the Identity Theft Resource Center (ITRC).
A GAO report here points to the cyber security risk to Federal agencies and critical infrastructure.
In a viewpoint at American City & County blog, Robin Leal, underwriting director at Travelers Public Sector Services recently warned of the growing cyber risks facing public sector organizations.
Leal cited data from a survey at the 2014 Public Risk Management Conference and 2014 National Association of Counties (NACo) conference showing that public officials’ confidence in their cyber protections is alarmingly low.
Only 13 percent of respondents to the survey were “very confident” that their public entity has adequate protection against cyber threats.
As well as written policies and procedures to handle cyber threats, Leal said public entities should consider cyber insurance.
Only 10 percent of current public sector clients add cyber protections to existing insurance policies, and for the majority of new business submissions cyber insurance is not part of their current coverage, Leal noted.
Check out the I.I.I. white paper Cyber Risks: The Growing Threat.