If you are interested in what’s on the mind of mayors around the country, you could have been a fly on the wall at the 87th Annual Meeting of the Conference of Mayors this week in Honolulu.
Another way of learning what is up is to just read the adopted resolutions.
One was all about ransomware.
It points out there have been 22 attacks that have occurred in 2019 alone, including the cities of Baltimore and Albany and the counties of Fisher, Texas and Genesee, Michigan.
In addition, a total of 170 counties, cities and state governments have been hit with ransomware since 2013.
It goes on to say that months of work is required to recover from these attacks as well as millions of dollars of losses.
It points out paying ransomware attackers encourages continued attacks on other government systems, as perpetrators financially benefit.
As a result, the conference has decided to not pay ransoms anymore.
Interestingly, it doesn’t say what the mayors will do to stay secure.
You can’t just wish the problem away. Every organization needs a plan of action.
Mickey Bresman, CEO of Semperis, the identity-driven enterprise protection company said:
Paying ransomware sets a dangerous precedent and it’s very troubling that, in a way, it became the norm for local government. It’s easy to understand how the decision of not paying is a very hard one to make, because there is just so much at stake. Having the right type of disaster recovery plan, with a cyber recovery first approach, will allow local government to have better ability to bounce back and not be a helpless victim. Recovery plans combining clean and validated backups with automation will hopefully make the ransomware crime unprofitable and a thing of the past.
We have put together a list of cybersecurity essentials every mayor needs to live by to keep their city and state safe. It applies to every organization and is just a starting point. Please reach out if you have questions.