What Elected Officials and CAOs Need to Know about Technology Fitness (Part 18)
In this latest installment of Tech Fitness for Local Elected Officials and Administrators, Marc Pfeiffer explains that there is no one-size-fits-all set of controls for every technology environment. Just being online requires a minimum level of tech-environment awareness. Recent news reports of the chaos created by hacker intrusions and technology supplier errors make that clear. In some cases, cyber insurance providers mandate that minimum standards or specific services be included in your control environment.
How do you find out where you stand? Ask your tech expert to report about your “minimum cybersecurity control practices.” They should answer the following questions:
- Are we doing enough of everything on the list? If not, what else do we need to do?
- What are our options to meet those deficiencies?
- What are the risks of not fully doing them?
Knowing the answers allows for informed decision-making. This should be an annual exercise ahead of the budget cycle as cybersecurity threats and responses constantly evolve.