Dealing with today’s cyber threats


Today, government bodies have no choice but to be online. Serving your constituents in convenient, effective ways means having digital infrastructure — which opens your council up to new sources of risk.

Considering the types of cyber threats that exist today, you’re dealing with new levels of danger. Both in terms of volume and the sheer amount of damage an attack can inflict, there has never been such a concerning environment for cyber risk. From profit-driven ransomware groups to sophisticated state-sponsored entities, there are plenty of threat actors to guard your organisation against.

One leading way to stay confident amidst this threat landscape is to make security a top-of-mind priority and take advantage of useful services. And if you’re a CivicRisk Mutual member, you already have access to cyber protection services as part of your membership.

What Cyber Threats Do Local Government Face?

The threats to local councils like yours are not hypothetical. A recent wave of attacks shows that threat actors now possess the ability to strike at governmental cyber resources and are using this capability to compromise defences and even key infrastructure.

In the most recent Cyber Threat Report by the Australian Signals Directorate (ASD), local government entities reported the second-most incidents during the tracked period, trailing only federal authorities.

The prominence of federal, state and local government offices atop the list of targets may be partly because these organisations have stringent reporting requirements. That doesn’t change the essential facts, however. Namely, attackers target the public sector, you need a strategy to counteract this focus.

The ASD report specified that today’s hacking groups, some state-sponsored while others are ideologically driven or profit-motivated, are capable of targeting critical infrastructure. These attacks may be intended to interrupt service, steal key data or even install hard-to-detect malware that lurks within systems for years.

Writing for Government News, cyber security CEO Ches Rafferty cited examples of local councils becoming the victims of cyber attacks. This included the widely reported hack of the Stonnington council in Melbourne in 2021, following which auditors in both Western Australia and New South Wales found numerous governmental organisations in their states were not adequately prepared to fend off similar intrusions.

Considering the wide range of threats facing councils today, as well as the financial and reputational costs associated with suffering a hack, it’s clear that the state of affairs needs to change. You’ll need to prepare for the possibility of a breach.

How Can Councils Protect Themselves?

Many organisations around Australia — and all over the world — lack adequate defences against cyber threats. Amid the ever-intensifying threat environment, falling into this category can have costly consequences.

There are many reasons why a council or a business might avoid developing a cyber resilience strategy. Leaders may feel the operation is too small to be targeted or feel unable to devote resources to creating defences. It’s important to get over these hurdles and begin working on programs to help repel and recover from cyber attacks.

Reuters reported that Australian cybersecurity regulations are tightening in response to recent attacks, including a 2022 telecom data theft affecting 10 million individuals. Today, Australian entities suffer from an average of one cyber attack every six minutes.

Every organisation today, from massive corporations to federal government offices and local councils, has access to some sort of personally identifiable or sensitive data that criminals can target. This means no one is exempt from the need for cybersecurity, and as such, you’ll need a plan.

Such a plan should take into account that the cyber threat landscape has evolved and is continuing to change. Today’s risk factors include ransomware designed to lock down assets, along with advanced “spear phishing” techniques that involve psychological components, tricking employees into revealing data.

Cyber protection strategies must go beyond the perimeter-based defences that pervaded in the past and include training components alongside tech solutions. This is a priority for councils like yours, just as much as it is for private-sector businesses.

What is CivicRisk Mutual’s Cyber Protection Program?

In addition to systems and tech tools that can protect against intrusions and the worst damage incurred in a cyber attack, you should also think seriously about putting a program in place to guard against related financial losses. The budgetary impact of a cyber attack can be devastating, and ignoring this component of digital risk can lead to ongoing issues.

The financial assistance and claims processing products offered by CivicRisk are designed to deliver the kind of resilience councils need in the wake of a security incident. Financial support and the ability to process claims more effectively can help a local government body stay active, even in the direct aftermath of a cyber incident.

The portfolio of cyber risk products available as part of CivicRisk membership includes self-insured, group insurance and risk management support offerings. This is the same approach to all CivicRisk offerings and allows your council to pick a level of coverage to fit its specific needs and guard against all types of dangers.

Overall, the risk management offerings from CivicRisk cover a variety of scenarios and include:

  • Access to a network of service providers that respond fast.
  • Professional development around risk assessment and claims processing knowledge.
  • Mutual funding and grants to support councils.
  • Expert-led risk surveys to determine threat profiles.
  • A Member Portal that contains a large assortment of risk management resources.
  • Collaborative programs with leaders in government and industry spaces.

These are all advantages granted to councils that become CivicRisk members — if you’ve already joined, you can access them now.

Ready To Take Cyber Risk Seriously?

Cyber threats — from opportunistic hackers and sophisticated state-sponsored groups alike — have become a pressing issue. You can no longer afford to move forward without defences and recovery plans in place.

Members of CivicRisk Mutual have access to our full range of offerings, providing helpful value. These assistance and recovery options are a useful part of a fully featured cyber defence strategy, one you can pursue right now.

If you think this would be a good fit for your council, explore the benefits of membership and learn more about the process of joining our community.