Cybersecurity in local governments: A systematic review and framework of key challenges

Abstract

Cybersecurity has emerged as a critical concern in modern urban governance, as local governments now extend their responsibilities beyond traditional infrastructure management to safeguard digital systems and citizen data in increasingly digitised smart city environments. Despite the importance of robust cybersecurity measures, there is a concerning gap—i.e., local governments often exhibit a cybersecurity posture that is inadequately prepared to counter the rising cyber threats. This discrepancy underscores the urgency for a comprehensive understanding of the challenges restricting effective cybersecurity in local governmental settings. This paper aims to elucidate these challenges of local governments in a structured framework utilising a systematic literature review method named the PRISMA protocol. The findings reveal that the stakes are high when it comes to cybersecurity for local governments, with the key challenges being financial resource constraints, technological vulnerabilities, human factors, and the regulatory framework. This study recommends improving interdepartmental coordination, adopting relevant policies, and executing targeted cybersecurity training to address these challenges. The study also highlights unconventional approaches to mitigate financial and skill resource limitations, including the utilisation of open-source security tools, outsourcing specific cybersecurity functions, and establishing collaborations with local cybersecurity agencies, academic institutions, and the private sector to obtain expertise and advanced resources. Overall, this study offers valuable insights into the critical cybersecurity challenges faced by local governments and provides specific recommendations, equipping urban policymakers, administrators, and researchers with valuable guidance to enhance cybersecurity resilience within this critical yet understudied research domain.