Cyberattacks Increase Public Sector Risk

Morgan O'Rourke


October 1, 2018

public sector cyber risk

As the U.S. public sector adopts more technology-based services like digital recordkeeping and online bill payment, they are also opening themselves up to a greater risk of cyberattack, according to a report by S&P Global Ratings.

If left unchecked, this increased exposure could erode trust in their ability to support operations, manage long-term obligations, and protect financial and individual data, ultimately resulting in a negative impact on their credit ratings. This would make it more difficult for public entities to secure the support and funding to pay for needed projects.

S&P said that certain key factors make public entities especially attractive to hackers. First, because almost all budget decisions are public, cybercriminals can anticipate when municipalities will be accessing capital markets and time their attacks accordingly. Second, many public funding decisions elicit strong emotional responses, increasing the risk of politically-motivated “hacktivist” attacks designed to protest decisions and disrupt operations.

S&P suggested that public entities need to overcome the stigma that leads them to conceal cyberattacks and instead report the details to government officials, law enforcement and other public sector groups so that they can collectively develop prevention measures.

Morgan O’Rourke is editor in chief of Risk Management and director of publications for the Risk & Insurance Management Society, Inc. (RIMS)