Civic Innovations

If you need an object lesson to demonstrate how inextricably linked technology is to the basic functioning of government, just look at the municipal governments that have been hit with cyber attacks recently and forced to shut down their digital systems.

For these governments it’s like a bumpy trip back to the way they used to operate decades ago. I wrote about this not long ago after Suffolk County New York was hit with a ransomware attack that forced them to rely on fax machines and other antiquated technology.

We are going to revert to 1990. We are going to teach millennials what a fax machine was.

Lisa Black, Chief Deputy Suffolk County Executive

Some trends in the local government technology ecosystem are making this issue more acute. Over the past ten years, there has been a trend toward consolidation in the market for local government software, with a shrinking number of firms providing service to an increasing number of local government customers. In addition, local governments often eschew managing their own infrastructure and solutions, favoring instead solutions that are built on a SaaS model.

At the confluence of these trends is a company like Cott Systems, a SaaS provider of municipal record keeping and court systems solutions. The company was hit with a cyber attack recently which forced it to shut down its service, bringing business in local governments across the country to a standstill. Cott reportedly has 400 local government customers across 21 states.

This feels like it should be a bigger story. I became aware of this particular incident because it affected my home county. If the trends toward more consolidation in the local government technology market, and local governments pushing everything out to the cloud via a SaaS provider continue this problem will get worse.

There has to be some ways to mitigate this. Certainly awareness is one issue. It seems like more mainstream coverage of this issue is warranted, as is more awareness on the part of local officials of the risks they take on when they put all their eggs in one basket with a SaaS provider in this way.

Maybe the effort to create a FedRAMP-style program for state (and hopefully local) governments will help officials vet their technology partners more thoroughly. It’s encouraging to see cybersecurity at the top of the priority list for state and local government officials, but this is an area that definitely needs more good ideas.

The link between the job of government, and the technology solutions governments use to do that job is too strong. As much as I loved the 90’s, we can’t go back.