Company 
Team 
Local Government Partners 
Case Study
Company News 
Team Member Spotlight 
Managed IT Services
Co-Managed 
Managed Security Services 
Data Backup + Disaster Recovery 
Compliance as a Service 
SharePoint
Power BI
Web Design + Hosting
Application Development
Businesses 
Municipalities 
Local Government Services 
Healthcare
Manufacturing
Aerospace and Defense
Case Studies
Guides
News
Events
Municipalities
Healthcare
Managed IT Services
Compliance
Cybersecurity
On July 17, 2025, the National League of Cities released its “State of the Cities 2025” report based on mayoral speeches and a survey of mayors. The report outlines the highest mayoral priorities—ranging from economic development to public health.
As cities strive for revitalized downtowns, resilient infrastructure, and thriving communities, robust IT systems and effective cybersecurity are not just support functions. They are foundational tools. Investments in technology make it possible for municipalities to deliver reliable services, foster innovation, and adapt to emerging challenges. While technology and cybersecurity may not always be the headlines, they are essential enablers underpinning the success of these priorities.
Although the NLC report notes that “government data/technology” has averaged as the lowest priority out of 10 areas for the last decade, the reality is that success in each priority depends on strong IT. The digital backbone of a city empowers leaders to make data-driven decisions, ensure continuity during crises, and earn the confidence of businesses and residents alike.
This blog post explores five mayoral priorities from the NLC report and demonstrates how IT and cybersecurity are the connective threads enabling municipalities to achieve their most ambitious goals.
Economic Development
Even though it seems like the least IT-related priority, we’re addressing economic development first because it’s the top mayoral priority in 2025.
If a municipality wants to attract and retain businesses, revitalize their downtown, enable workforce growth, support tourism, improve quality of life, and foster innovation, then they need reliable technology infrastructure and to implement cybersecurity best practices.
Investing in IT and cybersecurity can significantly enhance economic development in several ways:
- Reliable digital infrastructure inspires business confidence: When your public services are fast, dependable, and resilient, businesses view your municipality as an attractive place to invest and collaborate.
- Strong cybersecurity measures foster trust: Proactive protection against cyberattacks reinforces your municipality’s reputation, ensures continuity of services, and reassures businesses that they can interact safely with you.
- Efficient public-facing services for businesses and residents showcase your municipality: Streamlined, secure digital systems for permits, business licenses, tax filings, and GIS data sharing demonstrate your commitment to progress and convenience, making it easier for investors, entrepreneurs, and residents to engage with you.
- Robust data-driven decision making strengthens your economic development strategies: With a solid data infrastructure, your municipality can effectively track trends in business growth, housing, tourism, and workforce needs, leading to informed decisions that benefit the entire community.
Disaster Recovery
According to the NLC report, “Only 25 percent of city leaders are very prepared for natural disasters or emergencies that may impact local infrastructure in 2025.” While mayors are referring to infrastructure such as water systems, roads, and bridges, a disaster can affect many areas of a municipality—including a municipality’s own operations.
Police, fire, and emergency responders rely on IT to do life-saving work. Public works can’t efficiently coordinate and start emergency repairs without IT. Municipal employees need IT to effectively communicate with residents. If a disaster takes out your data and access to networks, your ability to react to a disaster is greatly hindered.
Despite this fact, many municipalities overlook the impact that lack of access to data, permanent data loss, data recovery from damage and outages, and data restoration can have on operations. While mayors are correct to worry about access to water, impassable roads, and bridge damage, severe operational disruption is also something to anticipate and prevent.
Municipal leaders have a valuable opportunity to enhance community resilience by taking a proactive approach to data backup and disaster recovery. Here are some key areas where thoughtful planning can make a significant impact:
- Recognizing the value of accessible data: Ensuring that data is readily available across all municipal operations is essential. Regularly testing backup systems and securely storing backups offsite helps safeguard information from both physical and cyber threats, reinforcing operational continuity.
- Planning for efficient data restoration: Timely and complete data restoration is crucial during a crisis. By optimizing backup systems and recovery protocols, municipalities can ensure that vital services—such as emergency response and public communications—remain uninterrupted.
- Integrating backups into a comprehensive recovery strategy: Data backups are a foundational element, but true protection comes from a holistic disaster recovery plan. Collaborating with IT teams to prioritize critical applications and data, define recovery roles, and establish a clear incident response plan ensures a coordinated and effective response when it matters most.
🔎 Related : IT Disaster Recovery Blueprint for Municipal Leaders
Cybersecurity
It’s not a surprise that 98% of mayors expressed concern around cybersecurity. According to the NLC report, “Research shows that cyberattacks on municipal governments are rising quickly, revealing vulnerabilities and inflicting financial damage.”
It’s encouraging to see mayors and municipal leaders expressing concern and raising awareness about cybersecurity. This widespread recognition presents a powerful opportunity to take meaningful steps toward stronger protection.
Based on our conversations with hundreds of municipalities, we see some key areas where focused action can make a significant impact:
- Enhancing threat detection capabilities with Endpoint Detection and Response (EDR): Implementing EDR empowers municipalities to detect and respond to sophisticated threats that traditional antivirus tools may miss—ensuring greater threat visibility and faster containment of potential cyberattacks.
- Significantly reducing hacking risks with Multifactor Authentication (MFA): MFA is a simple yet powerful tool that prevents over 99% of account takeover attempts. By enabling MFA across critical systems, municipalities can significantly reduce the risk of unauthorized access to sensitive and critical data.
- Significantly reducing phishing risks with Advanced Email Security: Phishing remains the most common entry point for cyber threats. Upgrading from basic spam filters to layered email security solutions helps protect your staff and systems from deceptive attacks before they even get to your inbox.
- Empowering staff through Security Awareness Training: Employees are a vital line of cybersecurity defense. Regular, engaging security awareness training equips staff with the knowledge and confidence to recognize and respond to threats—building a culture of cybersecurity across your municipality.
Water Systems
According to the NLC report, water systems are highest on the list of infrastructure priorities for mayors. It’s worth noting that water systems, to succeed in their mission of providing safe, clean drinking water to households and businesses, need robust IT and cybersecurity to succeed. Yet, water systems are some of the most vulnerable critical infrastructure in the United States.
The NLC report did not touch on this vulnerability, but it’s important to note. Over the past few years, nation state actors (such as Russia, China, and Iran) and cybercrime gangs around the world have relentlessly attacked water systems. As the least secured critical infrastructure in the United States, water systems tend to be easy targets.
If your municipality is committed to safeguarding its water systems, integrating IT and cybersecurity into your strategy is a powerful step forward. Here are three key areas where focused improvements can significantly enhance resilience:
- Securing Operational Technology (OT) networks: Disconnecting OT networks from public-facing internet access helps prevent unauthorized entry into critical water system controls. This simple step strengthens your defenses against service disruptions and water contamination risks.
- Implementing strong access controls: Role-based access policies ensure that only authorized personnel can interact with sensitive systems. This minimizes the risk of accidental or malicious changes to water operations and supports employee accountability.
- Keeping systems up to date: Regularly updating and patching operating systems and software closes known vulnerabilities and helps protect your infrastructure from evolving cyber threats.
🔎 Related: 7 Cost-Effective Cybersecurity Strategies for Water Systems
Budget Uncertainty
The NLC report highlights growing concern among municipal leaders about the conclusion of federal funding programs like the American Rescue Plan Act (ARPA) and the Infrastructure Investment and Jobs Act (IIJA). This moment presents a valuable opportunity for municipalities to reflect, recalibrate, and strengthen their approach to IT and cybersecurity by considering the following strategies:
- Maximize federal funding opportunities: While not all municipalities fully leveraged ARPA funding, there’s still time to document and build upon what was accomplished. ARPA offered a unique chance to invest in cybersecurity, managed IT services, and data backup—areas that remain critical. As 69% of mayors anticipate budget challenges post-ARPA, now is the time to explore alternative funding sources and ensure future IT and cyber readiness.
- Build upon the success of the State and Local Cybersecurity Grant Program (SLCGP): The SLCGP has enabled municipalities to address cybersecurity risks with targeted support. States have played a key role in effectively distributing these funds. As the program winds down, municipalities can use the lessons learned to advocate for continued investment and build sustainable cybersecurity strategies.
- Shift from reactive to proactive IT planning: Major disruptions often prompt urgent investment, but proactive planning can prevent those crises altogether. By embedding IT and cybersecurity into annual budgeting and strategic planning, municipalities can ensure continuity and resilience without waiting for emergencies.
- Reframe your municipal budget as an enabler, not a barrier: With a plethora of federal grants and special programs offering substantial IT and cybersecurity support, municipal budget constraints have become increasingly surmountable. The real challenge for municipalities may lie in IT and cybersecurity awareness, prioritization, or capacity. Identifying and addressing these internal barriers can unlock meaningful progress in protecting your municipal infrastructure.
---
NLC’s report shows that mayors care deeply about essential priorities that affect the lifeblood of municipalities. Yet, across these priorities, IT and cybersecurity remain the hidden foundation that makes success possible. Without reliable technology and strong cybersecurity best practices, progress in these areas will stall or, worse, fail due to operational disruption, data loss, and cyberattacks.
For municipal leaders, the message is clear: IT and cybersecurity are not secondary concerns. Instead, they are essential enablers of every mayoral priority. Failing to invest in IT and cybersecurity risks undermining the most important goals that municipalities work so hard to achieve.
