Silver Sheds Gains in Gold’s Wake as Bears Probe Key $74.50 Support; Sell-on-Rallies Eyes $70 
Mega IPOs Like SpaceX and OpenAI Could Reshape S&P 500 and Nasdaq 100 Portfolios in 2026 
Gold Cracks Below $4,500 as Safe-Haven Shine Fades; Technical Breakdown Signals Sell-on-Rallies Toward $4,000 
AI-Driven Memory Chip Prices May Be Skewing U.S. Inflation Data, Fed Minutes Suggest 
Macquarie Names Five Taiwan AI Stocks Set to Benefit From Data Center Growth in 2026 
Kevin Warsh Faces Early Fed Test as Inflation Risks Challenge Rate-Cut Expectations 
MongoDB Q1 FY2027 Earnings Beat Expectations, Raises Full-Year Outlook 
Morgan Stanley Names Top AI Security and Data Center Stocks for 2026 
Gold Cracks Below $4,500 as Safe-Haven Shine Fades; Technical Breakdown Signals Sell-on-Rallies Toward $4,000 
Xiaomi Shares Drop After Weak Q1 Earnings Amid Rising Smartphone Costs 
JPMorgan Sees Biotech Sector at Turning Point, Upgrades Top Pharma Stocks 
Samsung Workers Approve Wage Deal, Avoiding Major Strike and Boosting Chip Supply Confidence 
Meta Subscription Push Could Add Billions in Recurring Revenue, Says Rosenblatt 
EU Antitrust Probe Could Lead to Massive Google Fine Under DMA Rules 
Within the past few weeks, two large American cities learned that their information systems were hacked. First, Atlanta revealed that it had been the victim of a ransomware attack that took many of the city’s services offline for nearly a week, forcing police to revert to taking written case notes, hampering the Atlanta’s court system and preventing residents from paying water bills online. Then, Baltimore’s 311 and 911 dispatch systems were taken offline for more than 17 hours, forcing dispatchers to log and process requests manually. Both attacks could have been prevented. And they are more evidence of the poor, if not appalling, state of local government cybersecurity in the United States.
We know this because in 2016, in partnership with the International City/County Management Association, we conducted the first-ever nationwide survey of local government cybersecurity. Among other things, the survey data showed just how poorly local governments practice cybersecurity.
Under near-constant attack, but not fully aware
Nearly half – 44 percent – of all the respondents told us they experience cyberattacks at least daily. Based on prior research, we are confident that rate is actually much higher.
The volume of attacks isn’t dropping – and in some cases it’s increasing.
But even so, many communities didn’t know how frequently they are attacked, and most didn’t count or catalog initial attacks – though more than half did track more serious incidents and breaches.
More than half weren’t able to determine who was attacking their systems.
Unprepared to respond, and with not enough support
Certainly, there are local governments that do a commendable job with cybersecurity. If previous research into government information technology systems and electronic government can be a guide, they are most likely larger, more well-funded and more well-managed governments. However, the data from our more recent survey strongly suggest that at least some, and perhaps even a large fraction of, local governments may be unable to respond to electronic intrusions.
In part this is because few local officials are aware of the need for cybersecurity. Nearly two-thirds of the respondents to the survey, who were nearly all information technology or cybersecurity officials, said that top managers understood the need. However, among other groups in local governments, awareness dropped considerably. Perhaps as a result, support for cybersecurity efforts was also not as strong as Atlanta’s and Baltimore’s experiences suggest it should be.
With most local government officials and staff unaware and unsupportive, it is not surprising that cybersecurity is so poor among American local governments. Atlanta Mayor Keisha Lance Bottoms admitted that cybersecurity was not a high priority, although “it certainly has gone to the front of the line.”
And yet, crucial barriers remain, largely to do with how much money is allocated to cybersecurity efforts.
Getting more people in the know
If local officials are going to do a better job protecting their information assets, they’ll first need to know a lot more about what’s actually happening. The numbers of survey respondents who answered “Don’t know” to our questions was surprisingly high. No top local officials, whether elected or appointed, should be unaware of basic cybersecurity information, like whether their systems have been attacked or breached, or who’s attacking their systems and why.
Knowing these answers will only become more critical as computing becomes more deeply embedded in systems running “smart” cities. If computers control traffic lights, sewage plants and electrical grids, then the consequence of attacks is more severe than just loss of information or computer services.
Donald Norris receives funding from University of Maryland, Baltimore County's Research Venture Fund.
Anupam Joshi receives funding for research in cybersecurity from a variety of federal (e.g. NSF, DoD etc.) and Industrial (e.g. IBM, MITRE, etc.) sources
Tim Finin has received funding to support research on cybersecurity from the National Science Foundation, IBM and MITRE.
Laura Mateczun does not work for, consult, own shares in or receive funding from any company or organization that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.
