CNCounty News

Keep your software up-to-date to prevent risks

Author

Image of Rita-Reynolds-2.png

Rita Reynolds

Chief Information Officer & Managing Director, County Tech Xchange

Upcoming Events

Conference

NACo AI South Regional Forum

Related News

County News

Lock it down: Essential password management

updates

Key Takeaways

As we close out the month of Cybersecurity Awareness, there is one more vital area for you to pay attention to. That is the area of keeping your devices up to date with the most recent software. I like to compare this to maintenance on your car. When that little light comes saying it’s time to change the oil, do you take care of it quickly? Or when the tire pressure light is showing low, I would venture to say that you head to the nearest gas station to put air in the tires. Of course, in this modern era, many of us have in-vehicle connected services; services that connect remotely to a cloud solution. These sensors, radars and cameras provide additional safety and comfort features; and generally, have automatic updates turned on so that they continue to function properly.

Learn more

CISA provides a secure means for constituents and partners to report incidents, phishing attempts, malware, and vulnerabilities. Submit a report here

Update Software | CISA

Update Software Tips

Video

National Cybersecurity Alliance (staysafeonline)

Like the car scenario, there are other devices that we use on a daily basis. Your cell phone, your computer, and your watch are just a few examples. In order for those devices to continue to work properly, providers issue regular updates or patches. This ensures that any security vulnerabilities are addressed quickly. The updates also fix bugs, improve overall performance and add new features that improve the experience of using that particular software. 

So, what if you don’t have the update turned or set to automatic? Rather, you click “ignore” or “delay” that update? Well, I decided to ask my trusty digital assistant – GenAI. Here is a great example of what could happen:

Imagine this: you’re a busy county employee who relies on your smartphone and laptop daily to manage emails, access sensitive documents, and stay in touch with team members. One day, you see a prompt for a software update on your phone. “I’ll do it later,” you think, as meetings, deadlines, and phone calls take priority. Days pass, and that little “Update Available” icon becomes background noise.

Unbeknownst to you, the update you delayed included a patch for a security vulnerability that hackers had recently discovered. This vulnerability was actively being exploited, allowing cybercriminals to access devices remotely, steal data, or, in some cases, install malware without the user’s knowledge. Without the patch, your phone and the sensitive information on it are at risk.

Several days later, you’re on a conference call when your phone behaves oddly. Your screen flickers, apps crash, and some notifications don’t make sense. It turns out that, by neglecting the update, your phone was left vulnerable, and a hacker exploited the security gap. They accessed your contacts, emails, and even documents stored on the device. The breach now impacts more than just you – sensitive county data and the privacy of everyone in your contact list could be compromised.

To make matters worse, the hacker was able to install malware that spreads through shared networks. Now, your delay in updating your device could lead to costly consequences for the county, from data loss to financial and reputational damage.

The moral of the story? Cyber threats evolve as quickly as technology does. Updates and patches are your devices' armor, shielding them against vulnerabilities and keeping you, your data, and your organization safe. The next time an update notification appears, remember: a few minutes of inconvenience now can prevent major disruptions later.

So, let’s learn from this scenario. Take those update prompts seriously and encourage your team to do the same – it's one of the simplest yet most effective defenses against cyber risks.

While this is a fictional scenario, it can happen in real-time. These updates aren’t meant to disrupt your life but are designed to protect and enhance your daily experiences. There are several online resources that can help you learn more, both about software updates as well as overall cyber security.

Related News

AI Capitol Hill
Advocacy

NACo Publishes 2025 AI Policy Priorities Primer

On December 4, NACo published its Key AI Policy Priorities for Counties for the 119th Congress, building on the policy platform proposals voted on and passed at NACo’s 2024 Annual Conference.

Image of Telecom-towers.jpg
Advocacy

NACo Legal Advocacy: McLaughlin Chiropractic Associates, Inc. V. McKesson Corporation

McLaughlin Chiropractic Associates, Inc. V. McKesson Corporation could make it more difficult for counties to challenge FCC orders, many of which have taken steps to preempt and curtail local authority by limiting counties’ abilities to manage their own right of way and assess fair market value permitting and impact fees on providers seeking to construct, modify or extend telecommunications infrastructure in their communities. 

passwordstrength
County News

Lock it down: Essential password management

These 10 hints can help you craft strong, secure passwords for various accounts.