Cybersecurity Threats in Local Government: A Sociotechnical Perspective

• Author: Ashlee Frandell,Mary Feeney
• DOI: http://doi.org/10.1177/02750740221125432
• Published date: 01 November 2022
• Date: 01 November 2022
• Subject Matter: Articles

Cybersecurity Threats in Local

Government: A Sociotechnical

Perspective

Ashlee Frandell

1

and Mary Feeney

1

Abstract

The use of information and communication technologies (ICTs) by local governments is widespread and meant to improve

managerial effectiveness and public engagement. ICTs are commonly used by governments to collaborate and communicate

with stakeholders. Yet,the use of ICTs increases local governments exposure to cyberthreats. Cyberthreats are increasing and

local governments are often under-resourced and underprepared for them. While many organizations combat cyberthreats

with technological solutions, it is well known that social aspects—including manager vigilance and buy-in—are critical in

reducing cyber incidents. Thus, governments require both social and technical solutions to cyberthreats. This research

takes a sociotechnical perspective to examine the relationships between social (e.g., values and perceptions) and technical

factors (e.g., design and capacity) and cyber incidents in local government. We use data from a 2018 national survey of public

managers in 500 U.S. cities, data from city government websites, and the U.S. Census. The results indicate that manager buy-in

and perceptions interact with technical aspects to explain reported cyber incidents in government. The f‌indings expand our

understanding of how social and technical factors are associated with cyberthreats in government, particularly manager.

Keywords

Local government, social media, managerial perceptions

Topic codes: 04.Local and Urban Public Administration/Governance, 20.E-government

Introduction

Local governments use information and communication

technologies (ICTs) to enhance government performance

by improving managerial effectiveness and public service

delivery. Many governments have successfully adopted

ICTs to improve service delivery, transparency, and trust.

Governments face the challenge of using ICTs to actively

engage the public and stakeholders, enhance internal col-

laboration and coordination efforts, and advance open

data initiatives while ensuring the protection of individual

rights, privacy, and data security. Technology adoption

does not happen in a vacuum. Managers and their organiza-

tions adopt and use technologies to advance their goals and

interests and in turn technologies shape and alter their indi-

vidual and organizational practices (Orlikowski, 2000). For

example, public organizations have adopted ICTs to

advance organizational eff‌iciencies and the achievement

of public outcomes, but those same technologies bring

increased exposure to cyberthreats. Therefore, govern-

ments must balance opportunities with threats and have

suff‌icient manager buy-in to be successful.

According to an Accenture (2016) study, the public sector

experiences around 50 times more cybersecurity threats as

compared to other industries, leaving governments vulnerable

and often lackingthe technological capacity and conf‌idence to

monitor and limitthe threats. Cyberattacks are a growingthreat

especiallyfor state and city governments whoare typically less

prepared to combat them. Ransomware attacks have shut

down school systems, pipelines, large city governments, and

water treatment facilities resulting in excessive government

payments to deal with economic fallout and regain control

over digital syste ms and infrastruct ure (Muggah &

Goodman, 2019; Tong & Perlroth, 2021). Nearly 70% of

reported ransomware attacks are against state and local gov-

ernments and result in f‌inancial loss, reputational damage,

and loss of trust (Muggah & Goodman, 2019).U.S. local gov-

ernments are particularly vulnerable targets because their

digital infrastructures are weak and outdated, they typically

1

Watts College of Public Service and Community Solutions, Arizona State

University, Phoenix, AZ, USA

Corresponding Author:

Ashlee Frandell, Watts College of Public Service and Community Solutions,

Arizona State University, 411 N Central Ave #750, Phoenix, AZ 85004-

2163, USA.

Email: afrandel@asu.edu

Article

American Review of Public Administration

2022, Vol. 52(8) 558–572

© The Author(s) 2022

Article reuse guidelines:

sagepub.com/journals-permissions

DOI: 10.1177/02750740221125432

journals.sagepub.com/home/arp