Managing cybersecurity in local governments: 2022

Thumbnail Image

Links to Files

https://digitalcommons.kennesaw.edu/jcerp/vol2025/iss1/2

Permanent Link

https://doi.org/10.62915/2472-2707.1216
 http://hdl.handle.net/11603/37849

Collections

UMBC School of Public Policy
UMBC Faculty Collection
UMBC Maryland Institute for Policy Analysis & Research (MIPAR)
UMBC Office of the Vice President of Information Technology
UMBC Student Collection

Author/Creator

Author/Creator ORCID

https://orcid.org/0009-0009-7997-5137
 https://orcid.org/0000-0002-5540-8308

Date

2025-02-15

Type of Work

journal articles
Text

Department

Program

Citation of Original Publication

Norris, Donald, and Laura Mateczun. "Managing Cybersecurity in Local Governments: 2022." Journal of Cybersecurity Education, Research and Practice 2025, no. 1 (January 1, 2025). https://doi.org/10.62915/2472-2707.1216.

Rights

This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.

Subjects

Abstract

This paper, based on data from our second nationwide survey of cybersecurity among local or grassroots governments in the U.S., examines how these governments manage this important function. As we have shown elsewhere, cybersecurity among local governments is increasingly important because these governments are under constant or nearly constant cyberattack. Due to the frequency of cyberattacks, as well as the probability that at least some attacks will succeed and cause damage to local government information systems, these governments have great responsibility to protect their information assets. This, in turn, requires these governments to manage cybersecurity effectively, something our data show is largely absent at the American grassroots because, on average, local governments fail in to manage cybersecurity well. After discussing our findings, we conclude and make recommendations for ways to improve local government cybersecurity management.