How local government can manage technology risk

READ ME

How local government can manage technology risk

What: “Managing Technology Risks through Technological Proficiency: Guidance for Local Governments,” a report from the Bloustein Local Government Research Center at Rutgers University.

Findings: Drawing from research and surveys of New Jersey local government technology practices and other government-related sources, the authors both inventory the common types of technology found in local government and outline the common categories of risk that come with them.

Those risk areas include network vulnerabilities through phishing attacks and social engineering; societal risks caused by changes in employment patterns and the public’s expectations; and reputational risks concerning how government manages technology and engages with citizens. Financial risks stem from the cost of cyber insurance, liability suits, breach responses and system failures, and operational risks can occur when technology failures compromise overall government operations and services can no longer be delivered. Technology failures can also cause liability issues with third parties and contractors, and because of regulations surrounding citizen access to public information, legal risks become a concern as well.  

Takeaways: In order to manage these risks, the report highlights four practices that will lead to improved technological proficiency:

  1. Governance: Executive managers should set technology policy goals, monitor all technological activities and make risk-based decisions regarding staffing, spending and policy.
  2. Planning: Technology plans should include long- and short-term goals, and recommend risk-management strategies that support all business processes, resource allocations and technology requirements.
  3. Cyber hygiene: Employees should be provided with proper training on safe security practices, and agencies should invest in intrusion and penetration testing services.
  4. Technical competence: Government IT departments need the right staffing, management attention and financial resources to implement sound cybersecurity practices, keep employees appropriately certified and educate management on technological activities.

Local governments should continue to assess their risk maturity and technology profiles, the authors note, to easily spot  areas that need improvement.

Read the full report here.

About the Author

Amanda Ziadeh is a former reporter/producer for GCN.

Featured

  • business meeting (Monkey Business Images/Shutterstock.com)

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (Shutterstock.com)

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected