Smarter Gov Tech, Stronger MerITocracy

Meeting Evolving State and Local Cyber Threats

By John Evans, Field Chief Technology Officer, State & Local Government, World Wide Technology

It was previously assumed that nation-state actors primarily targeted federal agencies or major enterprises for their national secrets or big-ticket data, rather than investing the time, money, and resources to attack smaller organizations like local or even state governments.

In recent years, however, attacks against these agencies have increased, signaling a shift in the entry points threat actors are targeting. Last year’s attacks on U.S. critical infrastructure by Volt Typhoon suggest this switch has been in the works for a considerable time.

These attacks will continue to increase in complexity and volume, especially as AI removes barriers by requiring less time and fewer resources to deploy complex tactics. It is therefore necessary for state and local government IT leaders to assess their current security architectures to ensure they are fully fortified and prepared to mitigate these growing threats.

Challenges in Bolstering Security

While cyberattacks against state and local governments grow in volume and complexity, agencies are conversely facing staffing shortages and budget constrictions, making it challenging for them to detect these threats and take appropriate action. AI complicates this issue further, as it helps malicious actors broaden their scope of targets with minimal resources while decreasing their time to attack.

Federal support through agencies like the Cybersecurity and Infrastructure Security Agency (CISA) has previously bridged this gap for many state and local agencies by providing real-time advisories and guidance on persistent and upcoming threats. However, as federal security initiatives shift, and with some federal grants set to sunset in 2027, many agencies are exploring how to take greater responsibility in detecting and responding to malicious actors.

Tips for Developing Robust Security Architectures

While it’s tempting to match growing threat complexity with new and intricate defense plans, state and local agencies must first focus on getting the basics right if they want to stay ahead of hackers. Vigilant cyber hygiene initiatives must take center stage, including:

Developing full visibility across the IT system: All agency employees must understand the importance of collaboration with the IT team, as well as their responsibility to use technology correctly and safely. Training and security literacy are important, as employees need to understand how to incorporate cybersecurity early into projects and how to report suspicious activity.

Ensuring network protocols aren’t exposed to the internet: This prevents unauthorized access to internal systems and data from the start, eliminating a top attack vector.

High patch efficacy: When vulnerabilities are detected, IT teams must be able to quickly and effectively patch systems and software to reduce the risk of exploitation.

Complete and tested backups: Having full and recoverable backups can avert severe disaster if a hacker seizes control of systems or data, especially when it comes to ransomware.

Requiring multifactor authentication (MFA) for everything: The added verification measures of MFA make it much more difficult for hackers to access systems.

How Public-Private Partnership Can Help

Private partners can help fill gaps in security caused by a lack of internal resources, staffing, and visibility across the IT ecosystem. Additionally, as technology like AI continues to grow in ubiquity, complexity, and demand, services like World Wide Technology’s Advanced Technology Center provide agencies with a sandbox for testing, developing and integrating solutions before fully investing in deployment, saving money and ensuring new tools are compatible with existing infrastructure.

Looking ahead, attacks on state and local agencies likely won’t slow down. By keeping a pulse on the evolving security landscape and fortifying the basics of their cybersecurity architectures, agency IT leaders can stay ahead of these sophisticated threat actors and protect sensitive citizen data.