Cyberattacks at the Grass Roots: American Local Governments and the Need for High Levels of Cybersecurity

This article examines data from the first-ever nationwide survey of cybersecurity among American local governments. The data show that these governments are under constant or near-constant cyberattack, yet, on average, they practice cybersecurity poorly. While nearly half reported experiencing cyberattacks at least daily, one-third said that they did not know whether they were under attack, and nearly two-thirds said that they did not know whether their information systems had been breached. Serious barriers to their practice of cybersecurity include a lack of cybersecurity preparedness within these governments and a lack of adequate funding for it. The authors make recommendations to local governments to improve their cybersecurity practice and to scholars for additional research into local government cybersecurity, an area that, to date, has largely been neglected by researchers from the social sciences and computer science.