California JPIA logoBy John Caruthers, Executive Vice President / Chief Information Security Officer, Triden Group

As cybersecurity threats continue to evolve, local government staff must stay informed and proactive as stewards of communities’ digital infrastructure. Cybercriminals constantly adapt their tactics, and defense strategies must evolve accordingly. One of the key resources in this ongoing battle is the FBI’s Internet Crime Complaint Center (IC3), which plays a pivotal role in tracking and combating cybercrime.

Understanding IC3 and Its Impact

IC3 is the primary platform for reporting cybercrime. Operated by the FBI, it is instrumental in collecting data on cyber incidents, which enables law enforcement agencies to pursue investigations, identify emerging threats and develop countermeasures. For those in local government, reporting incidents to IC3 is not just a responsibility; it’s a vital part of cybersecurity strategy. Consider it as a digital police report, ensuring each incident is documented and actionable.

Key Insights from the 2023 IC3 Report

The most recent IC3 report provides critical insights into the current cyber threat landscape, highlighting trends to be aware of:

  1. Investment Fraud: This type of fraud saw a staggering 38 percent increase from 2022 to 2023. Cybercriminals target individuals and entities through sophisticated schemes, often leveraging social engineering techniques. It is essential to remain vigilant and educated on recognizing these threats.
  2. Business Email Compromise (BEC): BEC continues to be a significant concern, with $2.9 billion in reported losses. These attacks can severely impact operations by compromising official communications and redirecting funds. Robust email security protocols and continuous awareness training are crucial in mitigating this risk.
  3. Ransomware: Ransomware complaints rose 18 percent in the past year, underscoring the need for robust incident response plans. For small government agencies, a ransomware attack can disrupt critical services, making it imperative to have effective backups and response strategies in place.

Defining a Security North Star

John Caruthers is a retired FBI Special Agent and current EVP/CISO at Triden Group, a California Joint Powers Insurance Authority (California JPIA) partner. He has encountered many successes and defeats throughout the industry. As a result, he advises having a clear “North Star” to guide an agency’s strategy. This guiding principle ensures that security efforts are aligned with an organization’s overall mission and are moving in the right direction. Reporting cyber incidents to IC3 is one of the many steps to take to stay on course.

Providing innovative risk management solutions for its public agency partners for more than 45 years, the California Joint Powers Insurance Authority (California JPIA) is one of the largest municipal self-insurance pools in the state, with more than 125 member cities and other governmental agencies. Members actively participate in shaping the organization to provide important coverage for their operations. The California JPIA provides innovative risk management solutions through a comprehensive portfolio of programs and services, including liability, workers’ compensation, pollution, property and earthquake coverage, as well as extensive training and loss control services. For more information, please visit the California JPIA’s website at cjpia.org