Early this year, NALED conducted a survey of information systems and information security at the local level, which included 69 local governments in Serbia.
The survey results show that little has improved compared to the same survey from 2018. Some of the main challenges that local governments are facing when it comes to information security are as follows:
The ratio of IT staff to the total number of employees in local governments is 1/62
20% of local governments do not have an IT employee
In 50% of local governments, employees do not change their passwords regularly
58% of local governments did not perform any information systems security and/or risk assessment
Most local governments use outdated operating systems without support and unlicensed software
66% of local governments do not control the outflow of data from local governments
Based on the analyzed situation, recommendations were given for strengthening the capacity of local governments and the Office for IT and eGovernment, improving regulations in the field of information security and better coordination of reporting and responding to incidents.
The analysis presents one of the results of the Strengthening the capacity of local governments in implementing regulations in the field of information security projrct, which was conducted jointly with RATEL, in cooperation with the Ministry of Trade, Tourism and Telecommunications, Office for IT and eGovernment and the Ministry of Interior. The analysis was preceded by 4 seminars on information security act measures for 153 participants from 79 local governments and two-day technical training on the cyber attack simulation system for 56 system administrators from 42 local governments, conducted by the National CERT.