Cybersecurity

Published: September 13, 2021

Cyber risks are an increasingly important consideration for Minnesota cities. Stories of computer system hacking and ransom demands are frequently in the news. Liability for data security breaches and electronic theft of city funds can be costly. Equipment or data destroyed in a virus attack can be time consuming to repair and restore.

The League of Minnesota Cities Insurance Trust (LMCIT) is committed to helping cities meet these challenges. The Trust has a variety of coverages and programs available to help monitor and manage your city’s cyber security.

Key actions to consider in addressing cyber issues

  • Train employees and council on the mechanisms of malicious software so they can keep your computers, network, and data safe.
  • Budget for technology reliability and replacement.
  • Adopt best practices policies for computer use, social media activity, and electronic fund transfers.
  • Become familiar with your liability coverage for computer and data losses. Promptly report any claims.

Fitting technology into the city’s budget

Budgeting for technology plays a key role in ensuring your city has funds to maintain current equipment, replace outdated technology, and plan for future initiatives. As cities grow more dependent on technology, reliability and replacement is critical.

Coverage for cyber and computer-related risks

Unlike most private insurers, LMCIT does not issue a separate coverage document for cyber risks. Instead, cyber risks are built into the Trust’s standard liability, property, crime, bond, and auto coverages.

View information on LMCIT “Coverage for Cyber and Computer-Related Risks

Training

Prepare for and defend against cyber-attacks by using these resources.

e-Risk hub

This is a private, web-based portal containing information and technical resources to assist LMCIT members in the prevention of network, cyber, and privacy losses, and to provide support in the timely reporting and recovery of losses if an incident occurs.

View how to access the e-Risk hub

Security training software for your employees and council

The League offers a volume pricing discount for “KnowBe4” security awareness training software. With awareness training, employees learn the mechanisms of spam, phishing, malware, and ransomware attack methods. They can apply this knowledge in simulated attacks to understand what dangers to look for — before it happens for real!

View the KnowBe4 volume pricing details

NEOGOV online training

LMCIT offers web-based training provided by NEOGOV to all members at a low cost. NEOGOV provides several options for training employees on cyber risks, along with a variety of other safety courses.

View information on NEOGOV security training and a course list

Best practices and policies

Adopt practices and policies that can help reduce your risks and prevent losses.

Computer and network loss control

Learn about risks in storing and sharing city data on computers and portable devices. Use this information to protect the city from data breaches, virus contamination, malware, ransomware, and other hacker attacks. Outlines best practices in anti-virus protection, firewalls, encryption, and backup procedures.

View information on computer and network loss control

Electronic transfers to prevent losses

Learn how to prevent losses from electronic theft and fraud. Electronic Funds Transfer (EFT) fraud attacks often use social engineering — the psychological manipulation of people into performing actions or divulging confidential information — to gain access to city funds. Both training and city policies can help employees spot EFT fraud attempts and prevent losses.

View information on best practices to help prevent electronic theft and a model electronic funds transfer policy