How Public Entities Can Protect Themselves from the Inevitable Cyber Attack

Last Updated

Jul 14, 2026

Computer Code

Key Takeaways

  • Public entities are top targets with rapidly rising cyber risk
  • Legacy systems, tight budgets, and vendors increase exposure
  • Threats are more advanced and harder to detect
  • Strong defenses + cyber insurance are essential

Understanding Why Public Entities are Top Targets for Cybercrime

Cybercrime is a growing problem, with reported global losses reaching nearly $21 billion in 2025, and projected to hit $14 trillion by 2028. Public entities are considered "low-hanging fruit" opportunities for hackers because they typically have legacy systems that are no longer supported by the software and hardware manufacturers. With no updated software patches, hackers can break into their systems, steal data, lock them up with malware, and demand a ransom. 

Many public entities (villages, towns, cities, counties, schools, etc.) have limited budgets for IT. This includes upgrading systems, hardware, implementing cybersecurity protocols, and educating their users on how to identify a potential phishing email scam. Without all of this in place, the unfortunate result is experiencing a cyber event that shuts down the services public entities provide to their constituents. 

The Importance of Vetting all Your Vendors

With the use of AI phishing schemes, fileless attacks, and ransomware-as-a-service, hackers are executing targeted attacks on many public entities. 

A perfect example of how a targeted cyber-attack can cripple a company occurred on May 7, when Instructure, the company behind Canvas (a popular education platform), was hacked by a group called ShinyHunters, which threatened to release student data. 

The attack is considered the largest educational data breach on record, impacting 8,809 institutions globally and 30 million users. School districts and municipalities didn't get hacked directly—their trusted vendor did. A single compromised vendor can cascade across thousands of public organizations simultaneously, so verifying your policy extends to third-party vendors is critical. 

Protecting the Privacy and Network Security of the Constituents

Public entities require a cyber policy that has the necessary endorsements to mitigate their financial exposures following a cyber incident. The first issue we generally discover when working with our prospective public entity customers is that they have low cyber limits e.g., a $1M limit. With the large amount of Personally Identifiable Information (PII) such as credit card account numbers, banking information, etc., a $1M limit is not sufficient. 

Ransoms in the public entity space on average are more than $5M. There are also additional costs following a cyber incident that include credit monitoring, fines/penalties, notification costs, data breach coaches, and forensics. Without having adequate cyber limits, the cost burden falls on taxpayers. 

Suggested cybersecurity to-dos:

  • Strengthen core defenses: Use real-time monitoring tools; enable multi-factor authentication; deploy email filtering tools (e.g., Barracuda)
  • Manage vulnerabilities: Run ongoing assessments, patch quickly, understand system interdependencies, and conduct regular penetration testing to identify gaps
  • Be incident-ready: Test backups regularly and build an ongoing cyber training program
  • Reduce vendor risk: Monitor third-party security controls and plan for outages or downstream disruptions
  • Align budget and strategy: Invest in cybersecurity (including higher policy limits) and treat cyber as part of critical infrastructure

Blue Screen_Blog Optimized

Cyber Insurance Policies for Public Entities:

  • Ensure adequate limits and confirm the policy is standalone, primary, and non-contributory
  • Verify protection extends to third-party vendors and outdated systems
  • Confirm coverage for social engineering (often capped around $250K)
  • Ensure limits for ransomware and cyber extortion
  • Ensure coverage for data privacy and regulatory risks (e.g., FERPA, HIPAA)
  • Check for business interruption coverage affecting schools, utilities, or emergency services

The Right Risk Management Partner Makes a World of Difference

Cybercrime is an epidemic. In today's digital environment, public entities—from schools to municipalities—are prime targets for cyberattacks. At World, our role goes beyond placing a policy. We partner with you from day one, starting with a cyber insurance check-up, reviewing your current policies and endorsements to identify any gaps or exposures. 

From there, we bring in (or recommend) a cybersecurity specialist to assess your environment and uncover potential vulnerabilities. Finally, we work closely with underwriters to secure the most comprehensive and competitive policy tailored to your needs. 

When a cyber event happens (often at the worst possible time, like nights, weekends, or holidays), our clients contact us immediately so we can activate the carrier's response team without delay. In a cyber incident, timing is critical, so the faster we respond, the better we can contain the threat, limit damage, and reduce the risk of further data loss. 

 

This article is not intended to be exhaustive, nor should any discussion or opinions be construed as legal advice. Readers should contact legal counsel or an insurance professional for appropriate advice.

About the Author

Paul Hacker
Paul Hacker brings a unique blend of experience in both health care delivery and commercial insurance. After building a successful career in sales and management across Managed Care (HMOs), PPOs, PBMs, and cost-containment organizations, he expanded into the property and casualty field in 2018. Paul specializes in professional liability (E&O), management liability (including D&O, EPLI, Crime, and Fiduciary), and cyber liability insurance.