Credit: IntrustIT 

October is Cybersecurity Awareness Month, a time for us to consider why it is crucial for new broadband network deployments to keep security in mind from the outset.

The proposed bipartisan infrastructure bill could potentially give communities an unprecedented amount of funding to expand connectivity in cities, towns, and counties nationwide. For many unconnected communities, this provides an opportunity to develop and deploy a municipally run network or develop new public-private partnerships.

Now more than ever, municipal officials face a growing number of challenges from bad actors. Meanwhile, many cities, towns, and villages may not have dedicated information security staff to help officials become security experts.

When undertaking a new broadband deployment, municipal and local officials should start by assessing cyber threats.  It is impossible for municipalities to eliminate cyber risk. However, it is imperative that when developing new networks, or expanding existing ones, communities are able to identify potential threats. Understanding the gaps in a community’s cyber defenses is critical to determining how new budget items should be allocated. This will also inform what new tools or training a city government needs.

Additionally, the sensitive personal information that communities often collect and hold is one of the most valuable resources and sought-after targets for cyber-criminals. When a municipality collects consumer data, they often do not have practices and procedures in place that meaningfully help minimize the amount of information collected. Municipalities collect information in a number of ways, largely due to standard government functions. Regardless of how information is obtained, residents must know how that information is secure.

Municipalities should continuously assess who has access to collected data, what specific data has been collected, where that data is housed, and why that data is being retained. These questions can help reduce unnecessary access.  They can also help local governments identify efficiencies associated with the amount of information collected. Further, understanding where data is stored and the risks inherent in utilizing legacy or outdated systems for storage is crucial for reducing municipal exposure to cyber risk. 

Finally, municipal leaders must ask themselves what types of plans they have in place for worst-case scenarios. No government official wants to find themselves on the receiving end of a cyber-attack but, if it occurs, having a continuity plan is critical to maintaining essential services. Ensuring that disruptions to critical services are limited will help municipalities identify and remedy security issues more efficiently. 

Municipal officials are responsible for ensuring that the programs they implement do not negatively affect the community’s residents. As new funding opportunities and programmatic support become available, community leaders must ensure they are developing new network plans with security in mind. These topics are increasingly important and carry as much importance as deploying the network itself.