| dc.contributor.advisor | Susskind, Lawrence E. | |
| dc.contributor.advisor | Weitzner, Daniel J. | |
| dc.contributor.author | Baral, Avital | |
| dc.date.accessioned | 2022-06-15T13:13:16Z | |
| dc.date.available | 2022-06-15T13:13:16Z | |
| dc.date.issued | 2022-02 | |
| dc.date.submitted | 2022-02-22T18:32:26.389Z | |
| dc.identifier.uri | https://hdl.handle.net/1721.1/143334 | |
| dc.description.abstract | This thesis examines the cybersecurity challenges facing municipal governments and proposes a new policy approach. Through a review of existing public-sector cybersecurity concerns and an interview-based case study of Massachusetts municipalities in partnership with the Massachusetts Cybersecurity Center, this thesis identifies the main problem as a lack of a proper incentive structure for municipalities to prioritize cybersecurity improvements. I propose a new approach to state / local government efforts to improve cybersecurity. I establish the goal of continuous, measured improvement in cybersecurity posture for municipalities, and propose a state-sponsored, eligibility-restricted insurance mechanism for municipalities to systematically lower their cyber risk to meet that goal. In exchange for commitments to implementing regularly-updated cybersecurity best practices, municipalities would receive high-quality, affordable insurance against catastrophic cyber-related losses, and a commitment from the state to aggregate loss and resource-use data to provide best-in-class cybersecurity infrastructure help. I lay out a roadmap for the implementation of such a Massachusetts Cyber Disaster Insurance Program (MCDIP) along with proposals for data-driven refinement of state cybersecurity resource offerings through the use of the new MIT SCRAM platform. This public-sector cybersecurity goal and implementation strategy has implications far beyond Massachusetts and the potential to change the course of cybersecurity policymaking. | |
| dc.publisher | Massachusetts Institute of Technology | |
| dc.rights | In Copyright - Educational Use Permitted | |
| dc.rights | Copyright MIT | |
| dc.rights.uri | http://rightsstatements.org/page/InC-EDU/1.0/ | |
| dc.title | Continuous Measured Improvement: A New Approach to Meeting the Municipal Cybersecurity Challenge | |
| dc.type | Thesis | |
| dc.description.degree | M.Eng. | |
| dc.contributor.department | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science | |
| mit.thesis.degree | Master | |
| thesis.degree.name | Master of Engineering in Electrical Engineering and Computer Science | |
