Skip to main content

Voices. Knowledge. Solutions.

Cyber Checklist for Municipalities

Cyber attackers are looking to exploit vulnerabilities of municipalities in order to steal information and money. The attackers will steal information and hold the data ransom, disrupting the organization. 

These attacks can come in the form of ransomware, viruses and cyberattacks. The attacks can come against information technology, or IT, as well as operational technology, or OT. IT deals with data while OT deals with industrial controls such as water and energy.  

Municipalities can use these tips to protect their information, detect any vulnerabilities and respond and recover if an attack does occur.  

Protect Information 

  • Develop security policies and procedures. 
  • Train employees on policies and how to detect common cyber threats. 
  • Implement multifactor authentication. 
  • Implement advanced endpoint protection. 
  • Use antispam and email filtering tools. 
  • Patch and update software and applications regularly. 
  • Monitor for unauthorized or suspicious access to data. 
  • Remove any applications that are no longer used. 
Detect Vulnerabilities 

  • Regularly scan systems for vulnerabilities. 
  • Monitor the dark web for account credentials. 
  • Look out for suspicious network traffic. 
  • Look for security threats inside your devices. 
Respond to and Recover From Cyber Attacks

  • Back up data onsite and offsite and test the backups regularly. 
  • Develop an incident response plan. 
  • Purchase cyber liability insurance. 

The SC Municipal Insurance and Risk Financing Fund offers the eRiskHub as a member resource for innovative cyber risk management solutions.

For questions about eRiskHub, contact Cindy Martellini, claims manager, at