How Local Governments Can Respond To Growing Cyberthreats

How Local Governments and Emerging Risk Specialists Can Respond to Growing Cyberthreats

“You want to give citizens access, whether it’s to pay a water bill or review their kids’ grades,” Thom Rickert said. “That openness makes them an easier target.”

It began with a threatening text message sent to a Montana school district superintendent last fall. But it soon escalated into a major cyber extortion attempt by a group calling itself “Dark Overlord,” ultimately prompting officials to shut down more than 30 schools for three days.

The group, which demanded bitcoin in exchange for not releasing sensitive data, was also blamed for cyberattacks in other states.

It’s a chilling example of how school systems can be a particularly inviting target for cybercriminals. And the same is true of local governments.

Why? Those charged with serving the public are often hindered by tight budgets and a lack of skilled cybersecurity personnel to combat these risks head-on. And by their very nature, they’re supposed to be open, public spaces, making them a tempting mark for cybercriminals who see them as soft targets.

Cyberattacks on the rise

And the problem is only getting worse.

About one-third of local government chief information officers reported experiencing more cyberattacks, incidents or breaches during the last 12 months, according to a 2016 survey by the International City/County Management Association (ICMA). They’re also becoming more frequent: 26 percent reported a cyber-related attack at least once an hour, while an additional 18 percent reported experiencing an attack at least once a day.

One recent example happened in North Carolina, where a county government’s computers were shut down following a ransomware attack. 

Threat as form of protest grows

We’re also seeing a rise in “hacktivism,” which targets governments’ computer networks for political or social causes. One example is a cyberattack launched against the state of Michigan’s website apparently meant to draw attention to the Flint water crisis. You also saw government websites in North Carolina targeted to protest the so-called bathroom law.

Governments underprotected and underinsured

Despite these incidents becoming more prevalent, many local governments still don’t have one thing that can significantly mitigate those risks: a cyber insurance policy.

The ICMA study revealed more than half – or 56 percent – of local governments had not purchased cybersecurity insurance.

We also conducted our own survey at Argo Group, which revealed that 40 percent of those who identified as working in public administration or education had not purchased cyber insurance.

Other takeaways from Argo’s survey

  • Education respondents were 50-50 when asked if they had purchased cyber insurance, whereas 73 percent of public administration respondents reported having coverage.
  • When asked why more education respondents hadn’t purchased cyber insurance, most said it was because their senior managers were not interested.
  • Among policyholders who made a claim within the past year, 100 percent agreed that their policy covered the impacts caused by a cybersecurity breach.
  • The majority of cyber incidents that education and public administration respondents encountered over the past year involved lost/stolen laptops; virus, spyware, malware or other malicious code; and vulnerabilities related to cloud data storage.
  • Argo also interviewed brokers in these target markets, and most indicated a notable rise in the increase in security breaches their clients are experiencing. They noted that clients are largely looking for risk assessment/management, forensic analysis/investigation and network security.

Insurers increasing their cyber coverage offerings

It’s a critical need that should be addressed head-on, which is why a growing number of insurers, including my employer Trident Public Risk Solutions – a member of Argo Group – are investing heavily in cyber coverage.

In 2018, Trident rolled out new products and enhancements to help public entities minimize this growing threat.

Our Data Compromise 360© product is designed to help local governments respond to personal data breaches, while Cyber Coverage 360© helps local governments respond to computer attacks and cyber extortion.

We’re also providing an added benefit: access to Trident’s eRiskHub® portal, an online resource for training, best practices and other risk management tools for cyber exposures.

About the author

Thom Rickert is vice president, head of marketing and emerging risk specialist, at Trident, a member of Argo Group. He has executive leadership experience in all property and casualty lines of business, spanning multiple segments and industries with advanced expertise in public entity risk. He has been responsible for implementing corporate compliance and efficiency projects and served as the business leader for technology solutions in policy administration, underwriting, channel management and business development analytics.

About Trident

Trident protects small to large public entities by providing innovative insurance products, risk control resources and underwriting solutions. It services more than 2,000 municipalities, counties, public schools (K-12), community colleges, special districts and risk-sharing pools.

Learn how Trident Public Risk Solutions has public entities covered when it comes to risk management at

For more timely articles and insights into public entity risk, follow us on LinkedIn.

Disclaimer: Trident Public Risk Solutions provides its risk management assessment information and recommendations with the intention of assisting its clients with the management of their insurance risks, exposures and losses. By providing its clients with such risk management information and recommendations, Trident does not warrant that a client will necessarily experience a reduction of its insurance risks, exposures and/or losses. Trident expects that its clients will consult with legal counsel in the development of their risk management program as Trident’s risk management information and recommendations are not intended to provide its clients with any type of legal advice or guidance. Further, the performance by Trident of any type of risk management inspection, assessment, and/or evaluation for its clients, is not intended to be relied upon by its clients as confirmation that a client’s facilities, property, operations or personnel are safe, healthy and/or in compliance with any applicable legal and/or regulatory requirements.