7 Cybersecurity Policies for Local Government
7.1 Introduction
This chapter discusses the various cybersecurity policies needed to establish an effective framework for local government cybersecurity programs. First, it discusses the policy design and development process to ensure that cybersecurity policies are developed effectively and include key stakeholders from across local government. Then, the chapter presents a series of cybersecurity policy recommendations in general order of importance to local governments. The goal is to provide readers with an understanding of the necessary components of cybersecurity policy and also how to best implement them.
7.2 Policy Design and Development
Although developing and implementing cybersecurity policies in local governments typically is a staff function, it is important to involve relevant stakeholders, including elected officials, in this process. Local governments are perfect examples of this situation because they often have subordinate departments, divisions, or agencies that might have their own unique cybersecurity requirements. In large local governments, cybersecurity staff might use a centralized policy planning process to craft a high-level strategic framework that establishes a robust cybersecurity vision, goals, standards, and responsibilities that would be respected by subordinate entities in drafting their own respective policies and procedures. By contrast, in smaller local governments, developing jurisdiction-wide ...
Get Cybersecurity and Local Government now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
