Forrester researchers warn that “There’s no such thing as ‘too small’ or ‘too off the radar’ for opportunistic cybercriminals.” Indeed, small towns are vulnerable to cyberattacks, as they house critical infrastructure, including sensitive data and essential water, energy, and utility systems. The U.S. is a nation of these mostly smaller communities. Census data confirms that of approximately 19,500 incorporated places, about 75% have fewer than 5,000 people, and nearly 33% have fewer than 500. While cybersecurity improvements can focus on prevention, cyber resilience requires the ability to anticipate, withstand, adapt to, and recover from cyber incidents. According to Michael Mestrovich, CISO for data security company Rubrik, cyber resilience is a combination of cyber posture and cyber recovery. It encompasses incident response and operational continuity. Even with limited resources and technical expertise, small towns can take steps to help prevent the exposure of confidential data, the loss of public trust, service disruption, and high recovery costs.
Diagram Your Organizational Data Flow
To design a robust cyber resilience framework, small towns need to visualize their organizational data flow. This includes identifying data sources by listing every device, application, and system that stores or processes data such as Social Security numbers, personnel records, tax information, and voter records. Classifying data types is another crucial step in this process, categorizing the data as public, confidential, or sensitive. Once data sources and classifications are identified, analyzing how data moves internally and externally will help map data-sharing practices.
Reviewing user access is essential to ensure that permissions and access to sensitive data are commensurate with the user’s role within the organization. By assessing permissions, towns can prevent unauthorized users from accessing sensitive information, thus mitigating potential risks. Lastly, applying controls such as privileged access management, identity and access management, and multifactor authentication will enhance data protection. Implementing these controls ensures that only authorized individuals can access confidential data, thereby reducing the likelihood of data breaches.
Assess Existing Cybersecurity Actions
Small towns must periodically assess their existing cybersecurity measures by conducting vulnerability scans on their systems to discover potential weaknesses. Implementing a proactive patch management strategy by applying software updates and patches in a timely manner will also mitigate vulnerabilities. Local threats must be taken into account, identifying insider threats and social engineering tactics specific to the town’s environment, and ensuring that appropriate security measures are in place to combat these risks.
Additionally, evaluating third-party risk is an integral part of maintaining cybersecurity. Small towns need to conduct due diligence on vendors who have access to confidential data and interact with their networks and systems, such as credit card processing companies and payroll services. This evaluation helps identify areas where third-party interactions could pose risks, and subsequently, appropriate measures can be taken to address them.
Review Data Lifecycle Management Approaches
Data lifecycle management practices play a significant role in cybersecurity. Towns should establish best practices for data retention and deletion, informed by the sensitivity and functional need of the information, legal and operational requirements, and historical value. This helps reduce the attack surface by ensuring that only necessary data is retained.
Automating data management and protection processes is another effective strategy. Using tools to rapidly back up data and automatically delete it once it reaches the end of its retention period ensures that sensitive data is consistently managed and protected. Safeguarding backups is also critical; protecting these backups from malicious data encryption, modification, or deletion ensures that a reliable copy exists for recovery purposes, minimizing the impact of potential cyber incidents.
Explore Cyber Insurance Options
Considering cyber insurance options is essential for small towns to mitigate the financial impact of cyber incidents. Properly insuring involves taking steps to obtain appropriate coverage that aligns with the town’s specific needs. Due to the evolving cyber insurance landscape, with high payouts leading some insurers to impose stringent security standards or exit the market entirely, towns should explore alternative options.
Self-insuring through security bonds or other reserves presents a viable alternative, as does participating in lower-cost cyber risk pools. These pools, often formed by consortiums of local governments, not only provide financial coverage but also offer added benefits such as cybersecurity support and resources.
Utilize Available Cyber Resources
Small towns can strengthen their cyber resilience by utilizing available resources. Familiarizing themselves with the NIST ransomware risk management framework, which emphasizes incident response planning, internal communication strategies, and public information dissemination, can significantly enhance their preparedness for cyber incidents. Connecting with federal agencies such as the FBI, CISA, NSA, and DHS provides valuable resources for quickly identifying and responding to threats.
Another resource worth exploring is membership in InfraGard, a public-private partnership between the FBI and the private sector designed to protect critical U.S. infrastructure. Small-town chapters provide training, briefings on emerging threats, and networking opportunities that facilitate information sharing and collaboration. Participation in state-level events, such as the Massachusetts Municipal Cybersecurity Summit, can further bolster small towns’ cyber resilience efforts.
Apply for Cybersecurity Grants
Forrester researchers caution that no target is “too small” or “too off the radar” for opportunistic cybercriminals. Small towns are particularly vulnerable to cyberattacks due to their critical infrastructure, which includes sensitive data and essential systems for water, energy, and utilities. In the U.S., many communities are small. Census data shows that of the roughly 19,500 incorporated places, about 75% have fewer than 5,000 residents, and nearly 33% have fewer than 500. While improving cybersecurity can focus on prevention, achieving cyber resilience requires the ability to anticipate, withstand, adapt to, and recover from cyber incidents. Michael Mestrovich, CISO for Rubrik, a data security company, states that cyber resilience combines cyber posture and cyber recovery, involving incident response and operational continuity. Even with limited resources, small towns can still take measures to protect confidential data, maintain public trust, prevent service disruptions, and minimize recovery costs.
