Public sector ransomware

Ransomware in the public sector

Ransomware is a real threat to the government sector. Learn more about common entry methods, ways to minimize the risks, and how ransomware has directly affected the public sector.

Many organizations think a ransomware attack will never happen to them. Unfortunately, sophisticated criminals are targeting public sector entities where cybersecurity resources are tight and political damage is large. Baltimore and Atlanta are just two examples of crippling ransomware attacks. These attacks cost $18 million and $17 million respectively. This cost doesn't account for how it also affected services their constituency rely on like emergency services and others.

The Cybersecurity & Infrastructure Security Agency (CISA) recently released a ransomware fact sheet for the public sector. In the fact sheet, public sector entities can learn more about:

  • What is ransomware?
  • Additional resources for public sector entities to combat ransomware
  • Common methods of attack
  • Best practices to minimize ransomware risks
  • How ransomware has affected the public sector
  • How to report a ransomware attack

You can also review additional ransomware resources on the CISA's ransomware guidance and resources page.

Don't become a victim

Protecting your organzation from cyber threats requires more than tools and software. It also requires comprehensive planning, governance, and training of employees to effectively manage your ransomware risk.

Unsure if your organization is adequately prepared? Contact Brian Johnson using the information below.

Brian Johnson

Senior Vice President
Technology Services

Brian joined AGH in 1992. He leads the firm’s technology services practice where he helps clients achieve measurable performance improvements through the delivery of specialized, competency-based information systems management, assurance, and advisory services. He has extensive experience in information security, network engineering, and solution development, with recognized specializations in governance, risk, control, and related consulting services.

Brian is a member of ISACA (previously known as the Information Systems Audit and Control Association), the Kansas Society of Certified Public Accountants (KSCPA), the American Institute of Certified Public Accountants (AICPA), the AICPA’s Information Management and Technology Assurance (IMTA) Section, and the Association for Supply Chain Management (ASCM). He is a Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT), Certified in Risk and Information Systems Control (CRISC), Certified Data Privacy Solutions Engineer (CDPSE), and Certified in Production and Inventory Management (CPIM).

Brian is also a Certified Public Accountant (CPA) and a graduate of Wichita State University, where he earned Master of Accountancy and Bachelor of Business Administration degrees.

Information security is more than technology, it requires educated staff.
See how we can help identify and mitigate your security vulnerabilities.