Security Awareness Checklist for Local Government

Local government is an umbrella term that covers a variety of entities. These entities include jails, courts, police departments, local Social Security offices, social services, public transportation offices, schools, fire and police departments, local utilities/services and more. Local government agencies are what keep states, cities, towns and municipalities running.

This makes them a potential target for cyberattacks. Depending on the agency, it is very likely they will have a lot of Personally-Identifiable Information (PII) stored on their electronic systems. If PII is getting into the wrong hands, it can create the very real potential for identity theft. In order to protect local government assets and local citizens, agencies should always be improving their security.

The following checklist covers several important items for local government security awareness.

The Checklist

1. Determine Rules and Regulations Specific to Your Agency

Government agencies are subject to various rules, regulations and policies. The federal government has implemented rules related to cybersecurity and the ways various types of information should be handled. This includes such information as PII, HIPAA data and so forth.

One of the first things a local government agency should do is determine what types of potentially sensitive information they process and store. They can then determine which regulations they are required to follow and begin the process of implementing the proper processes to ensure that they are compliant.

2. Assess Threats Related to Your Particular Agency

There are multiple agencies that gather threat intelligence. Threat intelligence is used to determine what type of cyberweapons are used to complete cyberattacks. There have been viruses created just to target power grid controllers as well as systems that manage local utilities. Threat intelligence can also help to determine who the potential bad actors are. Having this data is useful in performing a threat assessment.

3. (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Tyra Appleby. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/YnifAaRCQ5E/