Strengthening Your Defenses: 5 Tips to Protect Your City from Cyber Threats

CyberDefenses - Shield

The wealth of citizen data municipalities manage daily combined with the critical services that depend on this data makes them attractive targets for cybercrime . If you’re following recent headlines then you’re aware of some cities that have been caught in the cross-hairs of ransomware attacks and the intent behind them range from simple annoyance through vandalizing a fire stations website, to seeking real destruction by trying to access a city’s dam system, to holding a city or county hostage through ransomware. This has prompted many municipalities to ask how they can better defend against cyber threats.

In response, CyberDefenses has pulled together our top cybersecurity tips for city governments. We’ve implemented cybersecurity programs for some of the most targeted organizations in the world. Through these experiences several key things have proven to be effective again and again in defending against threats and reducing the impact of an attack.


In elementary school we teach our kids to be prepared for emergencies by teaching them to dial 911, holding fire drills, and tornado drills, maybe even packing a go-bag in case of need to evacuate.  However, when it comes to cybersecurity we typically get lost in the complexity and jargon and forget that we can do the same thing there.

Creating an Incident Response plan before an attack prevents poor decisions based-on panic and knee-jerk responses.  Will you pay a ransom or not? By what means?  Who are your point people? Decide key roles and escalations and how you will communicate should your system be shut down.


Often you can prepare for an attack by talking to others in a similar industry or community and finding out what is currently happening.  Talking to others means you can combine forces to improve your visibility on the methods of attackers and what types of defenses are working. This is especially important given the ever-changing landscape of the cyber world and the attacks that take place.

  1. BACK UP

If ransomware has taught us one thing, it is to have a RELIABLE back-up method in place.  Using back-up mechanisms that cannot be detected or encrypted from an infected host, gives you the ability to step back and analyze the situation for what it is.  If your system is capable of being restored then you can weigh the positives and negatives of each possibility and take time to really analyze the data in front of you.

Know where the most important data and systems reside and test your restoration capabilities.


Once a user ID and password are obtained, they are tested by hackers with account-checking programs to gain access to other sites. With a number of password management systems available (because we all feel like we have too many to keep track of anyway), you can store, set, and change passwords and utilize a system that can create truly random passwords for you. Reusing even part of a password can be risky if your credentials are breached.  Read more about that HERE.


Cybersecurity is never a set and forget type of system. Attackers only have to be right once to break in. Meanwhile, cybersecurity defenders have to be resilient continually to prevent a breach. Be proactive with ALL aspects of protection, detection, response, and recovery.

For an easily sharable infographic on this topic, click here. We’ve compiled these steps into an easy-to-download and print infographic that you can share and pass along to your staff. While the intricacies of cybersecurity can feel daunting the process is simple: Plan, Talk, Protect, Defend.

About the author

Brian Engle

Brian Engle is the CISO and Director of Advisory Services, a role in which he leads the delivery of strategic consulting services for CyberDefenses's growing client base with risk management support, information security program assessment and cybersecurity program maturity evolution. Prior to working at CyberDefenses, he was the founder and CEO of Riskceptional Strategies, a consulting firm focused on enabling the development of successful strategies for implementing, operating, and evolving risk-based cybersecurity programs. Brian’s previous information security roles include Executive Director of Retail Cyber Intelligence Sharing Center (R-CISC), CISO and Cybersecurity Coordinator for the State of Texas, CISO for Texas Health and Human Services Commission, CISO for Temple-Inland, Manager of Information Security Assurance for Guaranty Bank, and Senior Information Security Analyst for Silicon Laboratories. Brian has been a professional within Information Security and Information Technology for over 25 years, and serves as a past president and Lifetime Board of Directors member of the ISSA Capitol of Texas Chapter, is a member of ISACA, and holds CISSP and CISA certifications.