A practical cybersecurity guide for local government IT staff, administrators, and elected officials. Covers the government threat landscape, regulatory requirements, ransomware preparedness, critical infrastructure protection, small IT team strategies, public accountability, and how to build a defensible program with limited resources.
Local government faces a cybersecurity problem that the private sector does not. The threats are real and growing. The systems are often old. The budgets are constrained by the annual appropriations cycle, public accountability requirements, and competition from roads, parks, and payroll. The IT team is frequently one or two people covering everything. And when something goes wrong, the consequences are not just operational. They are public.
Ransomware attacks against municipalities, counties, school districts, and utility authorities have become common enough that they barely make national news anymore. The city of Atlanta spent over $17 million recovering from a 2018 ransomware attack after refusing to pay a $51,000 ransom. Baltimore paid nearly $18 million in recovery costs from a 2019 attack. Water treatment facilities have been targeted by attackers who modified chemical dosing levels remotely. School districts have had student data published by ransomware groups when ransoms went unpaid. The threat is real, persistent, and specifically directed at organizations that are perceived as unable to defend themselves.
This course is built for the people who actually do the work: the IT director of a mid-sized county, the network administrator at a school district, the city manager trying to understand what the cybersecurity risk really means for their community, the elected official who approves the budget and needs to make an informed decision. It addresses the specific challenges of the public sector context: how to work within public procurement and budget cycles, which regulatory frameworks apply to government entities and why they vary so much, how to prepare for and respond to ransomware when your recovery resources are limited, how to protect critical public infrastructure, how to manage a small IT team or evaluate managed services, and how to communicate about cybersecurity in an environment of public accountability and open records laws.
The course closes with a practical framework for building a government cybersecurity program starting from wherever you are today: how to use free resources including MS-ISAC membership and CISA services, how to apply the CIS Controls as a prioritization framework for resource-constrained environments, and how to build a multi-year security roadmap that can survive the budget cycle.
One-time payment. Lifetime access. Access link delivered by email.
Already purchased? Resend access link