Hackers are constantly looking for that "one flaw" that can be used to bring a city, school district or large enterprise to its knees. The reward? A large monetary payout for seemingly little effort; after all, it only takes one human error or one embedded line of code for a hacker to succeed. In fact, it is for this very reason that 25 of the most populous cities in the United States now have cyber-insurance. The growing need to protect against attacks, such as those that occurred in Atlanta earlier this year, has made cyber security one of the top concerns for cities as they plan ahead for next year's budget.
Why Do Cities Need Cyber-Insurance?
When the average cost of a cyber-attack is millions of dollars, and the subsequent risks associated with offline government services are immeasurable, having cyber-insurance is just one of the steps that municipalities can take to protect their citizens and assets. Take, for example, the ransomware attack on Atlanta in 2018. To date, this attack was the largest reported breach on a city's network. Fortunately, the attack occurred less than three months after the city had agreed to a cyber-insurance policy.
During the attack, Atlanta refused to pay the $51,000 ransom. However, it is important to note that the hack itself was far-reaching. From the emergency response to new cyber-security measures, Atlanta is facing upward of $20 million in costs associated with the attack. The good news is that the city is now able to file claims with its insurance provider and thus receive the aid needed to recover effectively and efficiently.
What Cities are Adopting Cyber-Insurance Policies?
The extent of the Atlanta attack has caused Nashville, Washington D.C., San Jose and Boston to actively research cyber-insurance as they seek to join the ranks of those cities that already have policies, including Dallas, Detroit, San Diego, Denver, San Antonio and Fort Worth. In an August 2018 Houston City Council hearing, Christopher Mitchell, Chief Information Security Official, convinced local lawmakers to purchase a $30 million cyber-security insurance plan. The reason for this plan was simple. While the $471,400 premium was high, the policy itself covered the following areas:
- Extortion demands from hackers;
- Legal liabilities associated with a cyber-attack; and
- The forensic expertise (and associated costs) needed to recover from successful hacking attempts on government services
Other cities, including New York, have yet to announce if they have or are planning on obtaining a cyber-insurance policy. In the face of 45 million unauthorized access attempts per day, Los Angeles is one of the cities that has adopted a rigorous strategy to enhance citywide protection. These steps include an operations center with the sole purpose of monitoring the entire city for cyber threats.
Like Los Angeles, San Francisco has followed suit to create an aggressive approach to cyber security. The city, which suffered a successful hacking attempt on its transportation agency in 2016, learned the hard lesson about the true costs of a cyber-attack. During the 2016 attack, San Francisco was forced to turn off ticket-vending machines, which enabled everyone to ride its transportation systems for free. While the city does have a $50 million cyber-policy for the public health department, in light of its own experiences as well as the Atlanta attack, it is also looking at expanding the policy to cover the entire municipal government.
The Bottom Line: Cyber Threats will Continue to Increase on U.S. Cities
The U.S. government is planning on spending an estimated $14.9 billion on cyber security in 2019. As hackers become more adept, the number of attempted attacks has increased by approximately 10 percent year over year since 2015. In short, if municipalities want to learn from the recent Atlanta and San Francisco cyber-attacks, then they need to protect their data and citizens by creating stronger cyber-security policies and investing in a cyber-insurance policy. In a world where cities run on digital technologies and in the face of a successful attack or data breach, the benefits of cyber-insurance are immeasurable. To learn more about protecting valuable data assets and mission critical systems, contact us today.
Here's an infographic that shows the Cost of Cyberattacks in 2018.
If you're currently considering ways to protect your data or improve your cyber-security policies, work with a proven data expert for your sensitive information. We're here to help the business community of Texas maintain its edge in technology with reliable service and knowledgeable professionals.
PS LIGHTWAVE is the consultative data-connectivity provider for public and private entities in the Greater Houston area. Through our high-quality infrastructure, innovative technology and superior level of support, we deliver not only the best in connectivity and reliability but in scalability and redundancy.
You'll also appreciate that the PS in our name stands for “Pure Speed.” We fully understand that technology is a moving target, and we understand the people and infrastructure of the Greater Houston area. We are nimble, flexible and responsive, and we embrace leading-edge technologies that improve the customer experience. We invite you to learn more. Visit our website or contact us. Concerned about connectivity? Think PS LIGHTWAVE.
Blog Updated on November 30, 2018.