New from @lsusskind (@mitdusp) and me in @UrbanAffairsRev:

"Municipal Cybersecurity: More Work Needs to be done."

It's a research note on the state of cybersecurity at the local level, the research we've seen from the academy & practice, and what we think it's missing. Thread:
First: why do we care? Thanks to efforts like @brfreed at State Scoop, we know that state & local governments are being hammered by cyberattacks, notably ransomware (most famously in Baltimore and Atlanta, but also lots of school districts, public authorities, transit, etc.) 2/10
There hasn't been a lot of research on how to improve local cyber, & what's out there is telling–local govs are burdened by budget constraints, inattentive elected officials, & inability to adopt best practice. The research that does exist is largely descriptive&exploratory. 3/10
Professional associations, however, have really produced some fantastic work. @MeredithMWard and @BrunnerMaggie (at @NASCIO and @NatlGovsAssoc) authored a report on how states have been helping their local governments improve their cybersecurity. 4/10
While @ckmcfarland and others at @leagueofcities have produced two reports this year and last, one about what government officials need to know about cybersecurity, and one about state/local collaborations for cybersecurity. This is good, important work. 5/10
However, anyone who works in cities knows: cities are much more than their city govs. School districts, utilities, public hospitals, transportation agencies,etc. All "local governments," all seeing cyberattacks, but little attention is being paid to their interconnectedness. 6/10
We summarize the findings of these reports, & add additional activities that we think might be successful, like the collaborative approach to utilities' cybersecurity in CT, MA's grants for workforce and training at the MassCyberCenter, and reporting and training in NC, TX. 7/10
Finally, our 3 calls to action & research:
1) Researchers need to start doing systematic, causal research, moving beyond surveys and descriptions. We need to know what works for cities, how, and why. Action research, long-term studies, and comparative work are all needed. 8/10
2) States need to expand support for regional & multisectoral cooperation for cyber. Won't happen otherwise.
3) Private sector & the academy need to start developing tools that will work within the legal, ethical, political, and institutional constraints of local governments.9/10
Paper is available at:….
Please feel free to reach out/email if you don't have institutional access to the paper. We're excited to have this out into the world, and hope that practitioners and researchers alike can carry this call forward. 10/10

• • •

Missing some Tweet in this thread? You can try to force a refresh

Keep Current with Ben Preis

Ben Preis Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!


Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!