Cleveland’s Stand Against Cybercrime: A Model for Municipal Cybersecurity
In a significant move for municipal cybersecurity, the City of Cleveland has taken a strong stance against cybercriminals, declaring they will not pay the ransom demanded by attackers who compromised their systems. This bold decision aligns with best practices in cybersecurity and serves as a beacon for other cities to follow.
As Shannon eloquently put it, “It’s like feeding stray cats. You feed one, they tell their buddies. Cleveland is saying, ‘we’re not feeding the cats.’” This analogy underscores the importance of not giving in to ransom demands, as it can encourage further attacks.
Cleveland’s preparedness is evident, at least that’s what host Ryan Williams Sr., and cohosts, Shannon Tynes and Chris Abacon are speculating. The city has likely implemented robust cyber hygiene and recovery plans, allowing them to stand firm against the attackers. As Chris noted, “The City of Cleveland is probably already working with state and federal agencies,” indicating a level of cybersecurity maturity that includes proper network segmentation and redundancy.
The attackers targeted various city systems, but crucial infrastructures like utilities and airports were on segmented and different networks, minimizing potential damage. This segmentation is a key cybersecurity best practice, and Cleveland’s implementation of it is commendable.
While the specifics of the attack and the data targeted remain unclear, the city’s refusal to pay the ransom is a positive step. It highlights the importance of having comprehensive backup and recovery plans, as well as regular training for employees to recognize and avoid phishing attempts, which are often the entry point for such attacks.
As I always say, every industry is susceptible to cyberattacks, and the bad guys are getting better at what they do. It’s up to us to step up our game. Cleveland’s example should inspire other cities to bolster their cybersecurity measures and stand firm against cyber extortion.
By taking this stand, Cleveland not only protects its own systems but also sends a strong message to cybercriminals: municipalities are not easy targets. This decision will hopefully encourage other cities to adopt similar strategies, leading to a more secure and resilient national infrastructure.
Thank you for reading and stay tuned for more episodes of The Other Side of the Firewall podcast on Monday, Tuesday, Wednesday, and Fridays, as well as, the Ask A CISSP podcast every Thursday. Please like, share, and, subscribe.
Stay safe, stay secure!
Upcoming Computer Coach IT Training class!
Foundations for Success: Early Career Pathways in Cybersecurity
🔍 Key Points:
- Discover the technical and soft skills essential for a successful cybersecurity career.
- Learn from real-world experiences and stepping stones to guide your journey.
- Understand the importance of earning certifications like CISSP, PMP, Network+, and Security+.
- Explore pathways to growth and advancement in the cybersecurity industry.
🎙️ Meet Our Guest Speaker:
Ryan Williams, Sr. is an IT Security Analyst supporting the U.S. Department of Housing and Urban Development (HUD) Office of the Chief Information Officer (OCIO). With 21 years of experience in the DoD, Ryan brings a wealth of knowledge in Governance, Risk & Compliance programs, and IT project management. He is also the host of the DE&I cybersecurity podcasts, “The Other Side of the Firewall” and “Ask A CISSP.”
🌟 Who Should Attend:
Students, early career professionals, and anyone interested in pursuing a career in cybersecurity.
🚀 Start Your Cybersecurity Journey:
Join us as we lay the foundations for success in early career pathways in cybersecurity!
Ryan is a retired Air Force veteran who brings over 20 years of experience in network infrastructure, project management, and cybersecurity consulting to his current role at BuddoBot. Buddobot’s mission is to support national security by transforming, empowering, and educating organizations to shift from reactive, diluted, automated, and high-cost IT and security practices to proactive, effective solutions that fortify their security.
Shannon, also a retired Air Force veteran, has more than two decades of expertise in network security and vulnerability management. He now serves as an Information System Security Officer (ISSO) for the U.S. Space Force, where he continues to enhance national security protocols.
Chris, a Navy veteran with over ten years in IT, information assurance, and risk management, currently works at CompliancePoint. His roles include vCISO, RMF assessor, and consultant, focusing on enhancing data security and privacy for various organizations.
Daniel is an Air Force veteran with over 15 years of combined experience in IT, cybersecurity, information assurance, and government risk compliance. He has held various roles, including IT administrator, cybersecurity engineer, senior information system security manager, and currently serves as a senior security consultant for Booz Allen Hamilton. In this latest role, Daniel leverages his expertise to address unique and complex challenges in the cyber and IT domains, enhancing his customers’ capabilities.