Point of View

Security service providers need to target the overstretched security of state and local governments—less than 40% of US local government and state staff are prepared to combat ransomware

March 18, 2020

Ransomware has been making big headlines recently; the attacks are growing in number and complexity, and they are approaching from a variety of vectors. The latest areas dark forces are targeting are local and state governments. Over 100 cities across the United States have suffered attacks from ransomware, and the threat is global, with two local British borough councils in northern England falling victim in early February 2020.


With this wave of ransomware hitting local government organizations hard, security service providers should be looking to step forward to plug the evident security gaps that the cybercriminals have exposed.


Exhibit 1: Only 32% of enterprises believe that ransomware is a major or critical threat



Local and state governments are vulnerable to ransomware because of legacy equipment, limited budgets, and a lack of training


Local governments are proving to be a vulnerable target for cybercriminals who recognize the weakness of limited funding on the cybersecurity of these organizations. Some US states have a cybersecurity budget as little as 2% of their overall IT budget. In addition, 52% of budgets for managing cyberattacks have remained fairly dormant, despite a rise in attacks. With budget constraints comes a lack of employee training and legacy equipment, which has inferior security. a meager 38% of state and local government employees in the US are trained to mitigate ransomware. A similar figure is echoed in the UK, with local councils believing that only 40% of their employees exhibit robust cybersecurity behaviors at work.


Ransomware hits hard, so choosing the right protection strategy is key


The evidence would suggest that local governments are in a pretty sorry state of affairs when it comes to their cybersecurity stance, with only just over half of local authorities in the UK believing that they can deal with a potential cyberattack on their systems, according to IBM. Ransomware can have significant implications on any organization that falls foul of it. Reputational damage, financial loss, and day-to-day business disruption are the three main consequences. It has been reported that it’s possible to see more than a quarter of a million different ransomware variants and as many as 60,000 new variants in a single day. Finding the right strategy is key to an organization’s defense. Local governments are suffering at the hands of cybercriminals, and it is up to cloud providers to step in and provide a solution to their problems. Just over half of local authorities believe that they can deal with a potential cyberattack on their systems; this should be enough reason for service providers to make a concerted effort to push their offerings on the struggling local governments.


Cloud service providers have the solution for struggling local government organizations


Cybersecurity is an ever-developing world. It’s not good enough just to dabble in a bit of security; you need to commit, you’ll quickly fall victim to cybercriminals otherwise. Large service providers such as IBM, Accenture, DXC, Capgemini, and Atos already have extensive experience in dealing with the higher echelons of governments; they should be further exploiting this untapped market that is in dire need of their support.


Service providers will be able to more effectively look after local government systems because this is their bread and butter; they can draw upon large centralized reserves of resources and experience. A new centralized cloud service would make it possible for the often archaic and disorganized infrastructure of local government to be far more efficiently managed.


Capgemini’s Digital Government unit has gained notoriety in this field by helping several local government organizations in the UK, including Brent Council and Hampshire County Council, with their digital transformations. Capgemini’s cloud solution has reduced the councils running costs, increased their flexibility, and, of course, safely secured the council’s systems. Capgemini’s Application Security Testing could support local governments by securing their often disorganized application layer, which is the entry route to 80% of cyberattacks. Capgemini also scored second in the voice of the customer category in the HFS Top 10 Managed Security Services (MSS) report, leaving us with the understanding that it is a competent provider to work with.


IBM’s wide breadth of services and vast experience of catering to huge numbers of customers, including the government sector, must also be considered as an option. IBM’s threat management platform X-Force provides comprehensive security for their customers and leverages threat intelligence, detection, response, and recovery services to give customers truly layered protection—especially in the case of ransomware. It was these accolades that helped earn IBM the number one rank in the HFS MSS Top 10 in 2019.


DXC’s partnership with ServiceNow also provides an option for local government organizations. The firm’s variety of managed security services, in combination with ServiceNow’s cloud-based IT service management capabilities on a single platform, provides its customers a clear picture of the security stance and composition of security incidents for swift, more active threat response and solutions.


The Bottom Line: Security providers should be leveraging their services to support local government and give them greater security against ransomware.


Local governments in both the US and UK are suffering at the hands of cybercriminals who are deploying lethal ransomware to holding organizations hostage. Security providers should be advancing their investments in this market by helping local councils with the migration of their services over to the cloud, simplifying their infrastructure, saving them money, and providing them with effective around-the-clock security.


Sign in to view or download this research.


Lost your password?


Insight. Inspiration. Impact.

Register now for immediate access of HFS' research, data and forward looking trends.

Get Started