Learning from the Atlanta experience.
Government Technology magazine had a very good article back in their October/November issue, What Can We Learn from Atlanta?
Here are a few things that I've picked up. One is the cost of a ransomware attack. For Atlanta, it is $17M and counting. They chose not to pay, so they are putting everything back in place, rebuilding the processes and databases. Note that Atlanta did have cybersecurity insurance, and maybe that helped them in their decision not to pay the ransom.
Atlanta officials highlighted the importance of of protecting government data and information with three pillars: 1) Governance with compliance 2) Vulnerability management 3) Overall threat management. I'll note the compliance component. It is great to have all the procedures and rules in place, but if there is common disregard for them, they are not that effective.
Note that in 2017, ransomware attacks reached $5B, 15 times the amount in 2015. Now in 2019, the damages from ransomware are expected to hit $11.5B. Which is not chump change!