Reading Time: 4 minutes


Combating Evolving Threats: A Cybersecurity Framework for Towns and Cities

City hall building with a sign above entrance
Victoria Boyko
Joe Howland, Chief Information Security Officer

Relentlessly targeted by cyberattacks in 2021, municipalities are facing scary repercussions as a result of ransomware, malware, and malicious hacker behavior. It’s scary to contemplate what hackers can potentially do to municipalities.

In 2021 so far:

Are these hackers primarily hacking past firewalls, antivirus software, and software vulnerabilities? Actually, 95% of all successful attacks over the past two years started in email. That means hackers are using trickery—also known as social engineering—to get employees to click on suspicious links and attachments, give up usernames and passwords, and enter your systems.

Evolving Threats

After hundreds of major and minor data breaches over the past 10 years, hackers are more easily able to access user credentials. In addition to using social engineering tactics to trick employees, hackers can also find stolen credentials on the dark web and use those credentials to break into your systems. In many cases, other hackers have done the hard work already. With so many ways to steal user credentials, the risk of a breach continues to increase.

Hackers also continue to exploit software vulnerabilities and outdated operating systems through zero day vulnerabilities (vulnerabilities that no one has ever seen before) and going after soft targets—such as municipalities. Many municipalities do not have rigorous cybersecurity measures in place, a reliable data backup system, and IT support that proactively monitors systems. Cybercrime rings, for example, may use automated software to look for vulnerable organizations—many of which include municipalities.

Cyber threat detection has also become a bigger issue for all organizations. Once inside your systems, hackers often remain undetected for many, many months. According to IBM’s 2020 Cost of a Data Breach Report, “The average time to identify [a breach] was 207 days and the average time to contain [a breach] was 73 days, for a combined 280 days.” That’s a long time for a cyberattacker to be inside your systems.

Cyber Liability Insurance

As cyberattacks increase and become more financially damaging, cyber liability insurance premiums have gone up. Direct written premium growth increased over 22 percent in 2020. Due to remote work during the pandemic, cyber liability insurance providers have grown wary of increased cybersecurity risks due to remote work. Many have even left the cyber liability insurance business entirely. While cyber liability insurance remains incredibly valuable, its premiums can be lessened by demonstrating cybersecurity best practices.

A Framework to Help Fend Off Cyberattacks

The National Institute of Standards and Technology (NIST) has created a widely accepted framework that covers what organizations need as part of a cybersecurity strategy—and this framework is flexible enough to apply to even smaller municipalities.


This part of the framework focuses mostly on assessing your cybersecurity risks, understanding unique cyber threats to your organization, and developing a plan to secure your data.


Most organizations already have some level of cybersecurity protection. This part of the framework includes solutions to proactively identify weaknesses in your IT infrastructure and alert your city to security-related issues. Antivirus software, spam filtering, and employee training all fall under this category.


Often overlooked by organizations, detection technologies such as endpoint detection and response are used to detect suspicious network traffic or behavior. Our recent article, The Threat from Inside: Why Your Cybersecurity Tools Must Now Detect as Well as Prevent, covers this area in depth.

Respond / Recover

Finally, a cybersecurity strategy needs solutions and processes that help mitigate the impact of a security incident such as data backups, an incident response plan, and cyber liability insurance.

Ready for Better Cybersecurity?

Cybersecurity moves fast. Are you ahead of the cyberattackers? Having a strategic, proactive IT partner will help you shore up cybersecurity gaps and prevent cyberattacks.

VC3 partners with over 400 organizations across the United States to reduce their cybersecurity risks. A strategic technology partner can work with you to ensure that you do not suffer severe consequences from ransomware or another cyberattack.

We can assess your cybersecurity risks, outline what you need to secure your IT assets, and help you build a budget and roadmap to get there. Complete the form below and we’ll schedule a free cybersecurity consultation with you to learn more about your cybersecurity needs.

More from VC3