Cyber security more critical than ever for municipalities

Cyber Awareness Month is coming up in October, but we should make good practice an everyday habit. Cyber threats continuously evolve with changes in social, political, economic, or technological context quicker than we can identify them and educate users within our organization.

With disruptive events such as COVID, many organizations, including municipalities, have had to adapt by using business continuity opportunities such as work-from-home arrangements. These arrangements have created opportunities for cyber criminals to gain government employees' access credentials for Office 365 and other systems. Also, without being on the organization’s network, some employees may be even more vulnerable to threats as home routers may not have been updated or still have a generic password.

As an order of government, municipalities can be a target for such threats. Also, many municipalities operate critical infrastructure and services that could be disrupted by a breach. With hacking campaigns recently directed at Alberta municipalities, this is a good time to remind staff about good cyber practices. Remind staff to remain vigilant for suspicious emails and requests, keep their passwords updated regularly, and perform system updates.

We encourage our members to take advantage to our new, free Cyber Security & Information Protection eLearning module, produced by the Government of Alberta.

If you are an AMSC Insurance subscriber and believe your organization may have been affected by a breach, call 310-AUMA to speak to a member of our claims team. You may also have breach notification obligations to the Office of the Privacy Commissioner.

Critical infrastructure stakeholders who believe they have been targeted by a similar campaign are encouraged to report the activity to the Canadian Centre for Cyber Security (CCCS) at 819-956-3441 or cyberincident [at] cyber.gc.ca (cyberincident[at]cyber[dot]gc[dot]ca). To facilitate provincial-level situational awareness and critical infrastructure protection, municipal stakeholders are also encourage to report apparent incidents of cyber targeting to the Alberta Security and Strategic Intelligence Support Team (ASSIST) at assist [at] gov.ab.ca (assist[at]gov[dot]ab[dot]ca).