Cybersecurity in the Local Government Sector in Poland: More Work Needs to be Done

Abstract

Although cybersecurity is an important and complex issue that should be addressed by all government levels, so far little research has been devoted to cybersecurity at the local level. Existing literature lacks information on whether municipalities have implemented cybersecurity policies, if such policies are applied in practice and what they encompass. A CAWI method was used to collect the required data. The results indicate that while most municipalities have a document defining their security policy, they do not always apply it in practice. There is still little awareness regarding countering cyber-attacks. Therefore, more emphasis should be placed on such issues as: integrating cybersecurity policies into local government management, the rising threat of cyber-attacks, consultations with security auditors, and cybersecurity management training. Based on all Polish municipalities, the research described in this paper partly fills the identified gap.