Public entities can have a lot of sensitive data in their IT systems. When this data becomes compromised in a cyber attack, a public entity could find itself facing incredibly difficult legal situations.
For one, the organization could end up having legal actions brought against it by parties who claim to have suffered harm as a result of the data breach. When facing any type of litigation, a public entity may have many questions and concerns about how to navigate the situation. Attorneys skilled at public entity representation can help public entities that are facing litigation in their efforts to find the right strategy for addressing their situation.
Given the potential of cyber attacks to cause considerable problems for a public entity and the individuals it serves, cybersecurity is a very important issue for public entities.
There are a wide range of things that could pose cybersecurity problems for a public entity. One of these is use of unapproved software or cloud services on work computers by the entity’s employees.
In today’s world, there are all kinds of software programs and services a person can download or access from the internet. Unfortunately, public entity workers don’t always stick just to approved software programs and services when it comes to their work computers. According to a recent Governing article, use of unsanctioned software/services by employees is relatively common at government workplaces.
Why is this a cybersecurity problem? Well, while some software programs and services available on the internet are mainstream and are relatively safe, others are on the more obscure side and are more of an unknown regarding how safe they are. Programs in this latter category are sometimes called shadow IT. When a public entity’s workers put shadow IT onto their work computers, there is the potential that the programs could be creating security holes in a public entity’s IT system or introducing malware into it. This could compromise the system and the data it holds.
So, the problem of shadow IT is one it can be important for public entities to give careful thought to. What things do you think would most help with cutting down use of unapproved software in public entity workplaces?
Source: Governing, “The Cyberthreat to Government That's Lurking in the Shadows,” Tod Newcombe, April 2017