Editorial: Pittsburgh should invest in cyber security

As technology and our understanding of how it can be used expands, everyone from individuals to companies to cities to countries is in need of better, more reliable methods of keeping their information safe.

Pittsburgh is one of many cities that plans to make changes to the way it manages cybersecurity. Mayor Bill Peduto announced Monday at a City Council budget meeting that the proposed 2020 budget would redirect economic development and create the position of cybersecurity manager to help protect the City from cyber attacks. This is a smart and necessary move, especially given the recent trend of cyber attacks against city governments around the country.

Baltimore was hit twice this year by ransomware attacks, which is when hackers use software to lock and encrypt data before asking for a ransom in exchange for giving the data back. As a result of these attacks, officials had to shut down most of its servers and the government lost about $18 million, both in revenue and in costs incurred attempting to restore the systems. The previous year, in 2018, Baltimore faced a similar attack when hackers took down the city’s 911 and emergency dispatch systems for about 17 hours. In this instance, safety was obviously a large concern.

Atlanta was the victim of a similar cyber attack in March 2018, when a group of hackers left citizens unable to use online services and the city unable to do anything that required access to their networks. 

The new cybersecurity manager position sounds like a no-brainer in that light, especially with the City’s increased vulnerability in recent years. Pittsburgh’s director of innovation and performance, Santiago Garces, said during that budget meeting that some departments are using computers that are 12 years old. He also said that the number of devices connected to the City’s network has tripled over the course of three years.

These factors make the City more vulnerable to cyberattacks that could cost millions of dollars and disrupt the running of our government. That’s why, as Garces pointed out, the budget allows the City to begin replacing electronic devices that are more than four years old with newer ones. It also plans to invest $1.5 million in “really strong infrastructure,” including a stronger network than the one the City currently uses.

“Having a network that is reliable, that is monitored, that has capacity, is a critical part of cybersecurity,” Garces said.

These are the kinds of preventative measures that all cities — not just Pittsburgh — should seriously consider taking. The consequences of not taking these precautions can be much more expensive and disruptive than the cost of preventative measures.