If you were a smart cybercriminal, you’d be wanting to find victims that meet a few criteria:
City governments across the U.S. have been the victim of countless attacks over the last number of years. It’s because they are one of the few organizations that meet all the needed criteria.
City governments need to focus their efforts on making themselves less vulnerable to attack. This is accomplished by establishing consistent security measures across the entire city network. Patching endpoints, servers, and applications is a good start. Protecting users from malware attacks with email and web scanning is another. But the weakest link is the user. Implementing continual Security Awareness Training will make users understand the need to be vigilant against cyberthreats and social engineering.
In nearly every recent news story about a city being the victim of an attack, the source of the attack was an unwitting user who fell prey to a phishing scam. Security Awareness Training works to eliminate the user as an attack vector, shoring up an organization’s security and protecting it from harm.