Cybersecurity at the Grassroots: American Local Governments and the Challenges of Internet Security

Thumbnail Image

Files

[15477355 - Journal of Homeland Security and Emergency Management] Cybersecurity at the Grassroots_ American Local Governments and the Challenges of Internet Security.pdf (194.99 KB)

Links to Files

https://www.degruyter.com/view/journals/jhsem/15/3/article-20170048.xml

Permanent Link

https://doi.org/10.1515/jhsem-2017-0048
 http://hdl.handle.net/11603/19229

Collections

UMBC Computer Science and Electrical Engineering Department
UMBC Faculty Collection
UMBC School of Public Policy
UMBC Student Collection

Author/Creator

Author/Creator ORCID

Date

2018-09-26

Type of Work

journal articles
Text

Department

Program

Citation of Original Publication

Donald F. Norris , Laura Mateczun , Anupam Joshi and Tim Finin, Cybersecurity at the Grassroots: American Local Governments and the Challenges of Internet Security, Journal of Homeland Security and Emergency Management, Volume 15: Issue 3 (2018), doi: https://doi.org/10.1515/jhsem-2017-0048

Rights

This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.
©2018 Walter de Gruyter GmbH

Subjects

UMBC Ebiquity Research Group

Abstract

In this paper, we examine cybersecurity challenges faced by America’s local, governments, including: the extent of cyberattacks; problems faced in preventing attacks from being successful; barriers to providing high levels of cybersecurity management; and actions that local governments believe should be taken to improve cybersecurity practice. Our research method consisted of a focus group of information technology (IT) and cybersecurity officials from one American state. Our findings indicate that cyberattacks are constant and can number in the tens of thousands or more per day. While our participants noted that while they were not perfect at it, they felt that they had cybersecurity technology under good control. Their biggest challenge is human – that is, end-users who make mistakes or engage in misconduct. Local governments face several barriers in providing high levels of cybersecurity, including: insufficient funding and staffing; problems of governance; and insufficient or under-enforced cybersecurity policies. Participants suggested several ways to improve local government cybersecurity, including: vulnerability assessment, scanning and testing, cybersecurity insurance, improving end-user authentication and authorization, end-user training and control, control over the use of external devices, and improved governance methods, among others. We conclude by making suggestions for further research into local government cybersecurity.