Who is responsible for the readiness of local authorities for a cyber attack?

The author is Colonel (Res.), former Director General of the Department of the Interior, and Research Fellow at the Institute for Counterterrorism Policy (ICT), Reichman University.

The increasing frequency of cyber-attacks on public institutions in Israel makes cyber-attacks on local authorities a matter of time. The numerous gaps and lack of clarity regarding the components of responsibility and authority in the area of ​​preparedness of local authorities to confront cyber threats, which constitute a recipe for expected omission, are due, among other things, to a failure linking politics and economics.

Predictions that cyber attacks on local authorities may occur at any time and in parallel with other emergencies, whether as a result of man-made or natural events, reinforce the urgency of improving their preparedness in order to prevent and minimize damage that may occur.

Experience in Israel and around the world shows that the way local authorities act in different emergencies affects the lives of residents in many areas and even the ability of society and the state to deal with challenges as a result of personal injuries, property and critical infrastructure.

Specialists estimate that a cyber attack on the local authority could lead to social and governmental chaos that would weaken its ability to provide basic services to the population. It can damage infrastructure, lack of water, food, electricity and communications, with all that this entails especially regarding the vulnerable and powerless population.

Reference scenarios for various emergencies at the national and local levels indicate the situations in which the local authority will be required to simultaneously deal with the difficult and complex challenges arising from damage caused by missile launches, terrorist incidents in its territory, as well as cyber attacks.

Many local authorities are not prepared to deal with cyber challenges

It can be assumed that in view of the huge potential damage expected from a cyber attack on local authorities, the necessary steps will be taken to ensure their readiness. But the data shows that many local authorities are not ready to meet the challenges and some are not even at the most basic level.

The reports of the State Comptroller, the Ministry of the Interior, and the Home Front Command are full of findings indicating that there are significant gaps in many important areas. If that were not enough, the lack of clarity regarding the areas of responsibility and authority between central and local government in emergency situations, contributes to difficulties and omissions, some of which are expected.

This condition is a serious and dangerous warning sign that increases over time. Among other things, in light of the accelerating changes in areas of technology that increase the vulnerability of local authorities to a cyber attack, and all this, against the background of the special security reality in which Israel finds itself.

The fact that a cyber attack can occur in local authorities at any time and without any warning, requires urgent assessments and preparation regarding the unique characteristics of the local government. Heads of local authorities and community leaders are required to know their role, responsibilities and legal and normative authority, in order to better prepare for cyber threats.

Financial savings besides protecting human life

Achieving these objectives requires that the government establish a clear policy to bridge the gaps within a unique system plan of local government, which includes appropriate legal provisions that clearly define the division of roles, responsibilities, and authority among the various factors underlying the readiness and handling of local matters. Power electronic attacks.

Besides the value aspect of actually protecting lives, as a result of improving local authorities’ emergency preparedness in the field of cyber threats, experience shows that significant financial savings can be indicated by preventing expenses for handling personal injuries and damages to persons. property and infrastructure.

In conclusion, the writing on the wall is sharp and clear. There are many gaps in the preparedness of many local authorities to confront cyber threats. The potential harm of a cyber attack and the fact that it can happen at any moment and without any warning requires urgent action to fill in the loopholes, including in the area of ​​legislation. The unique characteristics of local government and the electronic world give the element of knowledge and professional training to local authorities importance and urgency. One can only hope that in this case the decision makers will act differently and take the necessary steps in advance – in order to eliminate the need to deal with the devastating consequences that can be prevented in advance.

Leave a Comment