During the past few months at various events and conferences in multiple states, we have seen cities taking ransomware seriously. But a consistent theme encountered as we talk to cities is an inconsistent and noncomprehensive approach taken. Some cities respond, “We have antivirus.” Others respond, “We back up our data.” Let’s look at the silo approach of “Our data backup solves our ransomware problem. If we get hit with ransomware, we’ll just restore our data.”
Not quite.
Data backup and disaster recovery is crucial as part of a strategy against ransomware and viruses. However, that focus on such an important part of a ransomware strategy may make cities think it’s the only answer.
Here’s why data backup and disaster recovery, by itself, is not the full answer to your ransomware worries.
Just because you can restore your data doesn’t mean that ransomware won’t disrupt your operations. After the initial shock and halt to your operations, it takes some time to restore data. It’s a complex process, and all your backed-up data may not be immediately available after recovery.
What happens in the meantime? Disruption. Employees who cannot do their job for days (and possibly even weeks). Citizens not served by your city—not able to make payments, get business licenses, or find information. Ripple effects that can last weeks or months.
To prevent disruption, you need strategies and tools that include:
Backing up and restoring data does not necessarily mean you are taking data security seriously. When ransomware hits, criminals have accessed your data, encrypted your data through their virus, and potentially stolen your data by uploading a copy over the internet. This means you’ve opened yourself up to a security incident.
The biggest issue that some cities ignore is security around data access. Some best practices include:
Just because you can restore an abandoned house to its previous condition doesn’t mean you should be living in an abandoned house!
Federal, state, and local laws, policies, and ordinances require that you protect and secure specific information such as
Simply backing up but not securing this information doesn’t put you in compliance with the law.
Data backup alone will not reduce your liability. A successful cyberattack may lead to paying expensive claims. Plus, insurance companies will penalize you by raising your premiums if your risk of a cyberattack is high—whether through past cyberattacks or the current state of your IT. Even municipal bond ratings are at risk if your cybersecurity is poor.
Safeguarding against cyberattacks requires a proactive, not a reactive, security mindset.
Cities may still think of cybersecurity as solely an IT problem. In the past, viruses and malware may have affected servers and computers that were not crucial to a city’s operations.
Today, cybersecurity is everyone’s responsibility as city operations significantly (and moving toward completely) rely on information technology. Only with leadership and employees fully involved in carrying out cybersecurity policies will a city become better protected.
Protecting yourself against ransomware must go far beyond simply acquiring a good data backup and disaster recovery solution. Letting hackers into your systems, disrupting your operations, and only placing the responsibility of information security onto your IT staff or vendor means placing yourself at risk—including financial, legal, and operational risk.
Data backup and disaster recovery is a crucial tool to help you fight ransomware. But it’s only part of the picture. Sadly, the bad guys are winning as cybercrime is now a $1.5 trillion (yes, with a “T”) criminal industry.
Need guidance on how to combat ransomware? Reach out to us today.