1. Introduction and Background

The role of local governments has evolved significantly in the digital transformation age, with the digitalization of public services, data management, and inter-departmental communication [1,2,3]. This transformation has made local governments more efficient and responsive to constituents’ needs, in many cases with the adoption of artificial intelligence (AI) solutions [4,5]. However, this transformation also poses challenges, particularly in cybersecurity, given these governments’ possession of vast amounts of sensitive data, which cybercriminals often perceive as attractive resources [6,7,8]. While central governments and national agencies often receive substantial attention in cybersecurity dialogues, local governments stand uniquely vulnerable due to a limited budget, a lack of cybersecurity infrastructure and expert workforce, the absence of regulatory compliance, and a lack of prioritization by the concerned authorities [9,10].

The frequency and intensity of cyber-attacks on local governments have significantly increased in recent years [7,8,11,12,13]. One of the earlier scholarly publications in this research field by Caruson et al. [14] indicated that local governments experience cyber-attacks constantly, and only a fraction of them are prepared. Norris et al. [15] conducted a nationwide survey in the USA, revealing that 28% of local governments experienced cyber-attacks hourly or more frequently, with 19% reporting at least one attack per day. The failure to address the cybersecurity concerns of local governments may result in significant consequences, such as the unauthorized disclosure of sensitive information and documents [16], damaging the government’s reputation [17], causing high costs for fixing security breaches [12], and hindering the ability to effectively address routine and emergency service needs [18].

Despite the growing threat landscape in local governments, there is an enormous gap of knowledge in terms of the specific challenges and solutions, attack types and techniques, tools, and available frameworks and standards for local governments in cybersecurity-related matters [6,8,10]. This lack of academic research is also evident in the multiple articles reviewed in this study. For instance, Norris, Mateczun, and Forno [6] indicated that they found only three articles in the publication period from 2000 to mid-2021 that specifically addressed cybersecurity in local governments. Chodakowska et al. [19] mentioned in their study that “despite the recognized need to implement cybersecurity strategies and legal norms, so far there has been little research verifying the adopted solutions in practice or analyzing actual examples of cybercrime in public entities, especially at the local government level”.

Most existing articles adopt a descriptive stance, focusing on the significance and landscape of cyberthreats without providing theoretical frameworks or empirically based strategies to understand cybersecurity issues [6]. This intellectual gap not only reflects a noticeable deficiency in knowledge among officials and decision-makers in local governments, but it also suggests a broader systemic disregard for integrating and prioritizing cybersecurity in local governments, necessitating further research in this domain.

Considering the context described above, this paper seeks to identify the key components of cybersecurity and subsequently develop a conceptual framework to understand the cybersecurity landscape within the local governmental context by addressing the following research questions:

• How is the cybersecurity landscape characterized within the local governmental context?

• What are the key components essential for a comprehensive understanding of cybersecurity in the local governmental context?

This study used a systematic literature review to identify relevant articles in the cybersecurity–local government research fields. It then conducted a comprehensive analysis, followed by a discussion and a conclusion. This paper is organized as follows: Section 1 and Section 2 of this study establish an outline by offering a concise explanation of cybersecurity and its importance, as well as identifying a current gap in knowledge; Section 3 outlines the methodological procedures employed in this study; Section 4 presents the findings derived from the systematic literature review; Section 5 comprises the discussion; and Section 6 contains the conclusion of this study.

2. Background to the Cybersecurity Concept

Cybersecurity is a crucial strategy for organizations to protect networks, computers, programs, and data from attacks, damage, or unauthorized access [12]. The National Institute of Standards and Technology (NIST) in the USA defined cybersecurity as “the process of protecting information by preventing, detecting, and responding to attacks” [20]. Meanwhile, the International Organization for Standardization (ISO) defined cybersecurity as the “safeguarding of society, people, organizations and nations from cyber risks” [21]. Cyber risk is the effect of uncertainty on cybersecurity objectives [22]. The NIST provides an elaborative definition of cyber risk. Indeed, according to NIST Special Publication (SP) 800–160, cyber risk is “the risk of depending on cyber resources (i.e., the risk of depending on a system or system elements that exist in or intermittently have a presence in cyberspace)” [23].

Cybersecurity is frequently confused with the term information security [24,25]. However, despite their interconnectedness, these two have distinct meanings. Information security is the “preservation of confidentiality, integrity and availability of information” [22]. In this definition, confidentiality is the property of information that is not disclosed to unauthorized individuals, while integrity is the property of accuracy and completeness, and availability is the property of being accessible and usable on demand [4,22,26,27]. Cybersecurity, on the other hand, is a subset of information security and concerns the management of information security risks that arise when data are stored, transmitted, and processed in digital formats within computer systems, storage devices, and interconnected networks [21,24]. According to the ISO, cybersecurity also includes Internet security, network security, and web security, as shown in Figure 1.

The Internet is a global system of interconnected digital networks that connects billions of servers, computers, and other hardware devices. Internet security is the protection of Internet-related service organizations and users. The World Wide Web, also known as the web, is a platform for sharing information on the Internet, consisting of billions of digital documents accessible through a web browser. Web security is the protection of information on the World Wide Web and web services. Network security involves designing, implementing, operating, and improving networks, as well as identifying and addressing security risks within and between organizations and users.

Network security encompasses various types of networks within an organization, including local area networks, wide area networks, personal area networks, and wireless networks, including routers, hubs, cabling, telecommunications controllers, key distribution centers, and technical control devices. Cybersecurity also entails protecting Internet-connected systems from potential attacks, including the cloud, hardware or endpoint, and software or applications [21]. Based on the insights from the ISO definitions and scholarly publications, we identified seven critical domains of cybersecurity for organizations, especially local governments. These domains are Internet security, web security, network security, data security, endpoint security, application security, and cloud security. We structured our research and discussion to cover all these cybersecurity domains, which encompass a comprehensive range of cybersecurity aspects.

3. Research Design

This study employs a systematic literature review approach, following the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) protocol. This methodological approach is consistent with the methods used by [28,29,30,31,32]. The PRISMA protocol is a three-stage research process: planning, conducting a review, and reporting and dissemination. The planning phase sets the research aims, questions, and inclusion and exclusion criteria, while conducting the review phase involves identifying and reviewing relevant articles, and the reporting and dissemination stage analyzes and synthesizes the findings and reports them.

As per the PRISMA protocol’s initial stage, we framed our research aim and questions, as stated in the Introduction and Background, to obtain insights into the cybersecurity landscape of local governments. To set the scope and central focus of this study in the local governments and cybersecurity domain, we chose ‘cybersecurity,’ ‘cyber-attacks,’ ‘local government,’ ‘local council,’ ‘municipality’, and ‘smart city’ as the keywords. We selected other keywords, excluding ‘smart city,’ in accordance with this study’s aim and research question. In recent years, many local governments around the world have embraced the smart city concept. Tech-giant International Business Machines (IBM) Corporation first put forward the smart city slogan in 2009 [33]. A smart city does not have any specific or universal definition, but the concept usually refers to an ecosystem that combines current and emerging technologies such as AI, sensors, the Internet of Things (IoT), robotics, web 3.0 technologies, digital twins, and smart grids to offer better and more seamless services to the citizen as well as increase the efficiency of the service providers [2,34,35,36,37]. In summary, Yigitcanlar et al. [38] defined the smart city as the convergence of technology and the city. Local governments’ shift toward smart city initiatives exacerbates cybersecurity risks as it adds complexity to data management and interconnected systems [7,33,39,40]. Therefore, we included ‘smart city’ as a keyword in our study to signify the growing role of local governments in digitally integrated urban spaces. After finalizing the keywords, we set the primary inclusion and exclusion criteria, as illustrated in Table 1, to research relevant articles complying with the PRISMA protocol. We further discussed the inclusion and exclusion criteria in the following section.

In the review phase (second stage) of the PRISMA protocol, we initially categorized the chosen keywords into terms related to cybersecurity and terms related to local governments. We performed this categorization to conduct a ‘keyword search,’ which aimed to select the articles most relevant to our research. We also included supplementary terms like ‘information security’ and ‘data security’ to broaden our search and find the relevant scholarly literature. Subsequently, we developed the following search query to identify relevant articles: ((“cybersecurity” OR “cyberthreat” OR “cyber risk” OR “information security” OR “data security”) AND (“smart city” OR “local government” OR “municipality” OR “council”)). Figure 2 shows a screenshot of this study’s ‘keyword search’ process following the PRISMA protocol. We executed the search within titles, abstracts, and keywords in mid-July 2023 in the following databases: Scopus, Taylor and Francis Online, IEEE Xplore, Wiley Online Library, Sage, ScienceDirect, Proquest, Directory of Open Access Journals, and the Queensland University of Technology (QUT) Library Collection. We opted for a multi-database strategy because of the limited availability of scholarly publications, as indicated in numerous studies. Therefore, we expanded our search for scholarly articles to include university (QUT) library collections in addition to public databases.

We did not set a publication year filter to identify a trend in the research interest in this field. Initially, 3861 articles appeared in the search across all databases. However, to ensure high-quality sources and increase academic acceptance, we executed the primary inclusion and exclusion criteria as described in Table 1. In this study, we only considered academic journal articles that underwent a peer review, were published in English, and were available online in full text. We excluded books, chapters, reports, editorials, conference proceedings, and publications that did not meet the primary inclusion criteria listed in Table 1 from our search results. The number of selected articles was substantially reduced to 642. This exclusion was important to maintain a focus on peer-reviewed journal articles, which typically offer a more rigorous and detailed examination. We suspected that some articles might have appeared in multiple databases. Therefore, we eliminated duplicates (n = 154), resulting in a reduction in the total number of articles to 488. All these articles were ‘eye-balled’ for consistency and accuracy [41,42] with the research keywords and category formulation criteria presented in Table 2. Following this preliminary screening, 365 articles were eliminated, leaving 123 articles eligible for a second screening.

We re-evaluated these articles based on the secondary inclusion and exclusion criteria, as described in Table 1. As per the secondary inclusion criteria, we refined our selection to articles that addressed cybersecurity issues involving local governments, regardless of whether they mentioned smart cities. We also included articles that discussed cybersecurity in the context of smart cities, regardless of whether they indicated a central or local governmental role. In contrast, the secondary exclusion criteria eliminated articles that focused on subjects outside of the areas specified in the secondary inclusion criteria. The execution of primary and secondary inclusion and exclusion criteria is a common practice in the PRISMA protocol adopted by many researchers [29,30,41,42,43,44]. This approach played a crucial role in our study by eliminating the irrelevant literature and focusing on the most relevant articles that provided valuable information about the cybersecurity landscape in local governments. After applying the secondary inclusion and exclusion criteria, we finally identified 53 articles that matched our research aim and question, which were then systematically reviewed and analyzed in this study. Figure 3 illustrates the aforementioned steps for article search and selection as a step-by-step guide.

The third stage (reporting and dissemination) of the PRISMA protocol involved investigating the selected articles (n = 53) using a descriptive technique instead of a statistical analysis. This screening procedure aimed to systematically assess the selected articles based on predetermined criteria in order to prepare a conceptual framework for the local government’s cybersecurity landscape. We followed a three-step process to develop this framework: first, we selected a foundation for the framework; second, we identified cybersecurity components for local governments, including the types of attacks and attackers, important data types, barriers, solutions, and assessment tools; and finally, we categorized these components and designed the framework. During the construction of this systematic literature review paper, additional publications on the subject were incorporated to provide further evidence and improve the review’s overall structure. In total, this paper cites 132 references, including both the selected and additional literature.

4. Analysis and Results

4.1. General Observations

The academic focus on cybersecurity in local governments began in 2012, as found in this review (Figure 4), coinciding with a rapid technological renaissance and the evolution of the ‘smart city’ concept [45]. Local governments actively embraced these technologies to enhance operational effectiveness, improve public services, and foster a meaningful engagement with residents [46,47]. As they transformed into smart cities, their cyber risk profile escalated in complexity and scale [7]. The academic contribution to cybersecurity in 2012 predicted an increase in scholarly interest thereafter. However, the academic literature did not extensively investigate this topic until 2018.

Since 2018, there has been a surge in scholarly research on cybersecurity issues, possibly linked to the growing adoption of smart city initiatives by cities around the world. Out of the 53 reviewed articles, 49 were published after 2018, with 18 in the last year and a half alone. However, there is a skewed focus on the technological aspects of cybersecurity solutions in smart cities, often overlooking non-technical aspects such as knowledge and awareness gaps, deficiencies in policy and implementation, and an appropriate understanding of the cybersecurity landscape from a local governmental perspective. To comprehensively understand and address these multifaceted cybersecurity issues, a local governmental viewpoint requires a balanced approach and a proper understanding of their landscape.

Out of the 53 articles examined, 28 did not provide a comprehensive discussion of a specific country’s setting, instead offering a generic overview of a topic (Figure 5). For instance, Ahmadi-Assalemi, Al-Khateeb, Epiphaniou, and Maple [35] reviewed cyber incident response and resilience in smart cities; Bokhari and Myeong [48] examined the impacts of AI on smart city cybersecurity and e-governance; Efe and Isik [49] analyzed the perception of Industry 4.0 transformation and its implications for cybersecurity; Kim, Istabraq Mohammed, Ramachandran, Kim, Zia, and Almorjan [37] presented the outcome of a comprehensive literature review on smart cities’ cyber forensics and cybersecurity; Ma [50] provided a technical overview on cybersecurity technologies in smart cities; Siddiqui et al. [51] investigated the security architecture of smart cities in contract-based mechanisms; and Verhulsdonck et al. [52] analyzed the existing literature on cybersecurity, playable cities, and smart cities.

The USA has the highest number of contributions to the field of cybersecurity and local government, accounting for 11 articles, including the first-ever contribution in this research field, where Caruson, MacManus, and McPhee [14] presented survey results on the cybersecurity status of local governments in Florida. MacManus et al. [53] also published a portion of the same survey. Among the remaining articles published in the USA context, Wolff and Lehr [9] discussed mitigating the economic impacts of cyber-attacks; Norris, Mateczun, Joshi, and Finin [11] presented findings from a focus-group discussion on cybersecurity issues in Maryland; Norris, Mateczun, Joshi, and Finin [7] and Norris, Mateczun, Joshi, and Finin [15] featured a survey from the first-ever national survey on cybersecurity issues of local governments in the US; Hatcher, Meares, and Heslen [10] featured a comprehensive survey on cybersecurity in local governments; Norris and Mateczun [8] presented the findings of a key informant survey on cybersecurity issues, followed by a comparative analysis between those results and the first-ever nationwide survey in the US; Preis and Susskind [54] discussed the importance of cybersecurity; and Frandell and Feeney [18] discussed managerial perceptions and cyber incidents.

Australia, Indonesia, and Poland have contributed similarly to this domain, each with three articles. Among the three studies in Australia, Ibrahim et al. [55] evaluated the cybersecurity posture of a local government in Western Australia; Ali et al. [56] discussed cloud service information security requirements in Queensland; and Neupane et al. [57] explored stakeholder trust in smart city technology adoption. In the three articles which featured findings from Indonesia, Alam and Ibrahim [58] discussed cybersecurity’s importance in smart city infrastructure; Madjid, Legionosuko, and Samudro [26] examined Bogor’s information security strategy; and Sensuse, Putro, Rachmawati, and Sunindyo [27] explored cybersecurity objectives and technology for the new capital city in Indonesia.

Among the three articles which featured findings from Poland, Karpiuk [59] discussed the position of local governments in their nation’s cybersecurity system; Chałubińska-Jentkiewicz [4] examined the ICT network as a public task for local governments; and Chodakowska, Kańduła, and Przybylska [19] presented the findings of a survey on the cybersecurity issues of local governments. Two articles in the Taiwanese context examined the information security process and policy [60,61]. We also discovered one article each in Georgian, Indian, and Saudi Arabian contexts. Napetvaridze and Chochia [62] reviewed cybersecurity policy and law history in Georgia; Ahmad et al. [63] discussed smart cities and their cyber–physical systems in India; and Alhalafi and Veeraraghavan [64] examined the challenges in implementing cybersecurity measures in Saudi smart cities.

4.2. Data Landscape within Local Governments

Regardless of their size and geographical setting, local governments store and manage a wide array of data, influencing policy execution, decision-making, and community engagement. This review identified 20 different types of data that local governments typically store and manage. Figure 6 presents the data that local governments typically store and manage.

Depending on their functionality, we can classify these data into four broad categories: (a) individual-centric data focus predominantly on data that belong to residents, including personal information [7,11,53], financial information [13,65], medical records [35,66], education records [19], and utility usage data [11,67]; (b) public safety and governance data refer to the data that are crucial for governmental operations and public welfare, such as surveillance and monitoring data, public safety data, election and voter information, vendor and procurement data, and employee and contractor data; (c) infrastructure and utility data are those that provide insights for traffic and public transportation patterns, infrastructure management, utility consumption, property records, waste management, and IoT device data; and (d) community and environment data refer to data such as recreation and public events, chats with residents and between residents and local governments officials, public feedback and suggestions sent through an online medium, environmental data such as pollution data, air quality data, weather data, water quality data, and other environmental monitoring and historical data.

4.3. Types and Techniques of Cyber-Attacks in Local Governments

Local governments are frequently targeted for cyber-attacks [6,68]. The types and techniques of attacks are diverse and continuously evolving. A comprehensive understanding of common attack types and techniques can help practitioners and researchers develop effective defensive measures and a more targeted approach to policymaking to safeguard critical data and digital infrastructure in local government. Therefore, we made an attempt to list all the types and techniques of cyber-attacks addressed by the existing literature in this field.

Caruson, MacManus, and McPhee [14] initially contributed to the local government cybersecurity research field by investigating cybersecurity issues in 67 counties in Florida, USA. Their study marked viruses and worms as the most common types of attack, followed by phishing, bots, spyware, and Domain Name Systems (DNS). The first nationwide survey in the USA on local governments’ cybersecurity by Norris, Mateczun, Joshi, and Finin [15] highlighted ransomware as the most prominent form of cyber-attack. In a different study by Norris, Mateczun, and Forno [6] on 11 cities and three counties in the USA revealed that 85.5% of the cyber-attack had been caused by phishing or spear phishing, followed by zero-day target attacks, brute force attacks, Denial of Service (DoS), Distributed Denial of Service (DDoS), and man-in-the-middle. Hatcher, Meares, and Heslen [10] conducted a study on the cybersecurity practices and policies of local governments in the USA, and they mentioned ransomware, phishing, and DNS attacks as the most common types and techniques of cyber-attacks on local governments. An assessment of the cybersecurity posture of a cloud infrastructure in a local government in Australia by Ali et al. [69] revealed IP spoofing, man-in-the-middle, malicious insiders, and DoS as common types and techniques of cyber-attacks. We compiled a few common cyber-attack events on local governments from the reviewed literature in Table 3 to further investigate the various types and techniques of cyber-attacks targeting local governments.

This review identified a total of 30 types and techniques of cyber-attacks that pose significant threats to local governments’ cybersecurity. Malware attacks, including ransomware, spyware, and adware, pose a significant threat to local governments, disrupting operations and compromising sensitive information confidentiality and integrity [14,36,50]. Code Injection Attacks, such as SQL Injection, Malvertizing, and Cross-Site Scripting (XSS), are a significant threat to web-based services and applications, exploiting software vulnerabilities to execute malicious code, leading to data breaches and unauthorized system access [35,62,76]. Spoofing methods like IP, ARP, and DNS trick and redirect communication networks, which lowers trust and could lead to data theft and unauthorized access to network resources [56,65,67,77]. DoS and DDoS attacks disrupt local government operations by overwhelming systems with traffic, incapacitating essential digital services, and causing significant operational disruptions [9,36,78].

Social engineering is a common technique of identity-driven attack that tricks people to bypass the regular security procedures of the local government or any other organization. Identity-driven attacks also include phishing, spear phishing, and whaling, which exploit human factors and authentication processes, often leading to unauthorized access and information theft [8,79,80]. Insider threats, both malicious and negligent, are a significant challenge due to attackers’ access to systems and knowledge of internal processes, causing significant damage and data loss [7,15,80]. Other sophisticated attack techniques, such as zero-day attacks, repudiation, tampering, spamming, and, particularly, Advanced Persistent Threat (APT), underscore the evolving and persistent nature of cyber risks [25,51,67,74]. APTs, characterized by their stealth and persistence, pose a continuous threat to the security of sensitive government data. Table 4 provides a comprehensive list of the cyber-attack types and techniques that are frequently cited in the existing literature concerning cybersecurity in local governments.

4.4. Purpose of Cyber-Attacks

Our systematic review identified various motivations that drive cyber-attacks on local governments. One major incentive behind these attacks is the possibility of unlawfully obtaining information about residents and employees, such as personal details or credit/debit card details. When accessed, such information becomes an asset to trade for financial gain in the digital marketplace and on the dark web. Ransomware is another method employed by cybercriminals to profit by holding crucial administrative data and infrastructure of local governments hostage until a ransom is paid, typically in the form of digital currencies [49].

Apart from financial causes, cyber-attacks against local governments are often driven by political motives such as espionage and hacktivism. Espionage, often orchestrated by state-sponsored actors, aims to extract sensitive information for strategic or political gain [67]. Hacktivism, driven by ideological factors, leads certain cyber-attackers to target local governments to voice political or societal grievances [7,8]. Given the close-knit relationship between local governments and their constituents, such attacks can amplify the hackers’ messages, creating significant community unrest. Personal vendettas add another layer to the threat landscape [7,15]. Discontented individuals, perhaps former employees or those who feel wronged by local governance decisions, might resort to cyber-attacks as instruments of revenge or retribution. Their intimate familiarity with the inner workings of the local government can potentially exacerbate the damage caused.

Many groups or individuals simply hack local government systems to cause mischief or out of curiosity, show their hacking skills, and for community recognition, often resulting in service disruptions and data breaches [7,15]. We have also found the mention of terror attacks as one of the purposes of cyber-attacks, which seek to create a sense of fear, disrupt essential services, or erode public trust in systems of governance [7]. Regardless of the purposes or motivations, cyber-attacks not only affect local governments financially but also stain their reputation and public trust. Therefore, gaining insight into these diverse motivations is crucial for local governments to strengthen their defenses and proactively anticipate potential threats.

4.5. Type of Attackers

The reviewed articles provided insights into the types of cyber-attackers targeting local governments. In total, we found the mention of attackers in 13 articles among the 53 we reviewed [6,7,11,15,35,36,37,50,53,65,80,82,85]. Based on the discussion provided in the reviewed articles, the common types of cyber-attackers can be divided into four categories: external actors (organizations), external actors (individuals), state actors, and malicious insiders.

External actors (organizations) refer to the organized groups such as terrorist cyber groups, hacktivist groups, and mercenary or “for-hire” hackers targeting systems for financial gain or political motives, often with sophisticated tools and tactics, driven by specific agendas or missions [7,8,35,36,50,65]. External actors (individuals) engage in cyber-attacks driven by individual motivations, which encompass an array of factors such as financial incentives, curiosity, the showcasing of skills, or anger. Examples of such attackers include hackers, criminals, political activists, young people, and spammers [7,8,11,15,36,37,50,53,65,82].

State actors such as cyber militias and patriotic hackers backed by national governments engage in cyber espionage, cyber warfare, and other strategic operations, targeting critical infrastructure, government data, and other nations’ strategic assets [7,8]. A particularly insidious threat to local governments comes from within—malicious insiders. These individuals may be associates, contractors, or current or former employees. The motivations of malicious insiders, which may include financial incentives, personal grievances, or ideological biases, pose significant challenges for local governments [7,36,65,80,85]. Their intimate knowledge of and access to sensitive information and critical systems make their attacks potentially devastating.

4.6. Barriers and Recommended Solutions for Local Governments

Local governments face numerous barriers to maintaining strong cybersecurity measures. In fact, this systematic review identified a total of 16 barriers to cybersecurity for local governments. The lack of sufficient funds is the most significant barrier, as mentioned in several articles [4,7,8,11,15,19,53,61,84]. Other key barriers include the absence of cybersecurity policies and regulations, inadequate training provisions [61], and a lack of expertise [11,58]. The lack of collaboration among departments and partnerships with external entities is also a major barrier to ensuring effective cybersecurity in local governments [58]. Figure 7 presents the barriers identified in this systematic review. For better comprehension, we categorized the barriers into four broader groups: (a) resource and infrastructure challenges; (b) technical and operational challenges; (c) policy and regulatory challenges; and (d) accountability and behavioral challenges.

To counter the barriers or challenges, we identified a total of 23 recommendations during our systematic review. Most of the articles emphasized the need for more financial resources to develop appropriate strategies and implement them. These included recruiting skilled personnel, adopting advanced technologies, and ensuring system monitoring and updates [7,10,14,80]. Other recommendations included establishing well-defined cybersecurity policies, standards, and educational initiatives, as well as expanding technical proficiencies through AI [7,15,53,80,82]. Some of the reviewed articles also emphasized the importance of human factors in cybersecurity, such as enhancing the knowledge of government personnel [7,49], conducting background checks [14], and ensuring comprehensive training and accountability for Information Technology (IT) infrastructure users [15,53]. Hatcher, Meares, and Heslen [10] and Demertzi, Demertzis, and Demertzis [13] recommended strategic alliances with businesses and research institutions to understand and reduce cyberthreats in local governments. Figure 7 lists all the recommended solutions along with the barriers. The barriers and recommended solutions are further discussed in the Discussion Section (Section 5.2.4) of this paper.

4.7. Cybersecurity Tools

Cybersecurity tools are software and hardware designed to safeguard electronic records, networks, and systems from cyberthreats. After recognizing the paramount importance of cybersecurity for local governments, an array of tools can be used to fortify their digital infrastructure. This study identified 20 such tools mentioned throughout the selected literature. Table 5 presents these tools along with a description. Fundamental tools such as antivirus software are crucial in protecting against various malware, viruses, worms, and Trojans [14,64]. Their effectiveness relies on regular updates to combat evolving cyberthreats. Anti-phishing tools detect and neutralize phishing attempts, particularly in emails, by scrutinizing incoming communications for signs of phishing [13]. Virtual Private Networks (VPNs) establish secure and encrypted connections over potentially insecure networks, ensuring data security in transit [65,77]. Multifactor authentication (MFA) and biometric authentication methods add layers of verification to prevent unauthorized access [25,50].

Web gateways control and monitor Internet traffic, providing a barrier against web-based threats [63,81]. Email security solutions filter out malicious content and guard against email infiltration [15]. Web/network vulnerability scanning tools proactively identify potential security weaknesses, enabling their timely remediation [10,77]. Secure Sockets Layer (SSL) certificates ensure data integrity and confidentiality in digital interactions [7,65]. Network security includes network firewalls, network security monitoring tools, packet sniffers, intrusion detection and prevention systems (IDPS), router security, encryption tools, data loss prevention (DLP) systems, backup solutions, and data masking techniques [9,14,33,67,85]. Web Application Firewalls (WAF) filter and monitor HTTP traffic to and from web applications [25,50]. Software for penetration testing imitates cyber-attacks to find holes in security [35,79], and Security Information and Event Management (SIEM) systems improve the overall security by monitoring, finding, and responding to security incidents [55,82].

4.8. Assessment Frameworks and Standards

This review did not find any cybersecurity assessment framework developed solely considering the context of local governments. However, the NIST cybersecurity framework was frequently referenced in number of reviewed papers as a common tool to assess cybersecurity at the organizational level. Specifically designed to assist organizations in effectively managing and mitigating cybersecurity threats, the NIST cybersecurity framework offers a comprehensive set of standards. The framework has gained recognition because of its adaptability, making it a crucial tool for organizations of different sizes and sectors. The review has also found a few other frameworks/standards such as NIST SP 800-53, ISA 62443-2-1:2009, ISA 62443-3-3:2013, ISO/IEC 27001:2013, and Control Objectives for Information and Related Technologies (COBIT5) [10,12,13,25,36,55,61]. Details of these frameworks/standards are described in Table 6.

5. Findings and Discussion

5.1. The Need and Foundation: Cybersecurity Conceptual Framework from Local Government Perspective

Information on the cybersecurity issues of local governments is fragmented and scattered, leaving a significant gap in understanding the threat landscape. For example, we found a total of 30 types and techniques of potential cyber-attacks scattered in 43 articles and 20 cybersecurity tools in 31 articles. However, none of the articles in this research domain provided a comprehensive list or discussion of all the potential cyber-attack types and techniques. This fragmented insight into local governments’ cybersecurity hinders the ability of responsible officials and elected members to formulate and deploy robust defensive strategies to safeguard the confidential information of residents and employees and maintain organizational integrity. Additionally, this fragmented information landscape may cause the removal of critical details. Decision-makers may remain aware of widely discussed matters but oblivious to less popular but important ones. This limited viewpoint can unintentionally neglect key vulnerabilities, leaving local governments exposed. However, a cohesive conceptual framework can help identify challenges and deploy countermeasures, compiling attack types and techniques, potential attackers, tools, frameworks, and standards [86,87]. Therefore, we created a conceptual framework, illustrated in Figure 8, with the goal of providing officials, decision-makers, and researchers in this field with a holistic view of local governments’ cybersecurity aspects.

To develop the framework, we employed a comprehensive methodology, grounded in the established definitions and principles of cybersecurity set forth by the ISO and in the findings from our systematic review. The heart of the framework lies in its delineation of seven key cybersecurity domains, as mentioned previously under the Cybersecurity Concept Sub-section above, each addressing a vital component of local governments’ digital defense. These domains include Internet security, web security, network security, data security, endpoint security, application security, and cloud security. A pivotal aspect of our framework is its incorporation of the CIA Triad and its extension to the CIA-AAA concept. The CIA Triad, consisting of confidentiality, integrity, and availability, is a fundamental principle in cybersecurity. Confidentiality ensures that information is not shared with unauthorized individuals, while integrity ensures accuracy and completeness, and availability ensures accessibility and usability on demand.

Multiple researchers indicated an expansion of the CIA Triad to include three additional principles: authentication, authorization, and accountability/auditing [88,89,90]. This model combines authentication to ensure legitimate access, authorization to grant appropriate access rights, and accounting to track system activities for breach detection and compliance. The CIA-AAA model plays a crucial role in local government cybersecurity. Local governments, which are responsible for managing sensitive data and providing critical services, must implement a comprehensive security strategy that encompasses the seven core domains of cybersecurity. Ensuring the confidentiality, availability, and integrity of government data, in addition to implementing rigorous authentication, authorization, and accounting protocols, is a critical aspect of data security. To safeguard online interactions and government websites, robust authentication and authorization mechanisms are integral to Internet and web security. In a similar vein, the model’s emphasis on authorized access and continuous monitoring confers advantages for network and endpoint security. To protect against threats and vulnerabilities, application and cloud security employ a complete range of CIA-AAA principles.

Our approach to local government cybersecurity involves a multi-layered structure that maps cyberthreats and defenses. We positioned the types and techniques of cyber-attacks at the center of the framework, connecting them to the corresponding cybersecurity domains directly above them. This strategic placement is not merely structural but indicative of the direct link between the identified cyberthreats and the targeted cybersecurity domains. The principles of the CIA-AAA concept encapsulate these core domains, highlighting their universal application and importance across all facets of cybersecurity. The framework’s upper segment focuses on practical and technical cybersecurity assessment frameworks and tools, providing local governments with the necessary resources to evaluate, monitor, and improve their cybersecurity posture. The lower section of the framework focuses on the non-technical and administrative aspects of cybersecurity, including the types of attackers, their motivations, challenges specific to local governments, and recommended solutions. This approach not only equips local governments with technical tools to defend against cyberthreats but also addresses the broader context in which these threats occur and prepares them with strategies to mitigate them at multiple levels. This framework could be a good starting point for the key authorities and decision-makers in local governments to understand the cybersecurity big picture. We also note that, while local governments are undertaking cybersecurity measures, they also need to consider responsible innovation and technology principles, as outlined in a study by [91].

5.2. The Framework: Key Components and Limitations in the Existing Literature

5.2.1. Types and Techniques of Cyber-Attacks

Internet security is primarily breached by cyber-attacks including spyware, adware, keyloggers, and ransomware [14,76,81]. These types of cyber-attacks can grant attackers unauthorized control over the online activities of local governments, compromising users’ privacy and data integrity and disrupting system functionality. Malvertizing, phishing, DoS, and DDoS attacks can compromise network security [9,62,84], while SQL injection and XSS target local governments’ websites and web-based applications [62,76]. Network security faces threats including IP spoofing, ARP spoofing, and DNS spoofing. Ransomware, which encrypts access to vital data, spyware, and keyloggers, which collect sensitive information, have a severe impact on data security [11,14,36]. Trojans and rootkits facilitate unauthorized access to data, while phishing techniques target data theft [12,56]. Zero-day exploits, repudiation, and tampering pose risks to data accuracy and trustworthiness [51,67,74]. Cloud storage security entails safeguarding data and services stored in the cloud against threats, including ransomware, Advanced Persistent Threats (APTs), and the dangers posed by malicious and negligent insiders [78,79].

While the existing literature provides insightful discussions on many types and techniques of cyber-attacks, it notably overlooks emerging threats, which could be vital for local governments. Emerging threats in Internet security include deepfake technology and AI-powered social engineering attacks, which can lead to misinformation or the manipulation of public opinion [92,93]. In web security, newer threats such as API attacks [94] and crypto-jacking that target web-based applications are often overlooked [95,96]. Network security faces evolving risks, such as Zero-Trust Network Architecture violations and IoT-based attacks, which can lead to widespread disruptions or data breaches [12]. For data security, quantum computing attacks and advanced ransomware tactics targeting backups and disaster recovery strategies are very critical [97,98].

Endpoint security, especially in the context of smart cities, must contend with the proliferation of IoT devices, including threats from unsecured devices and sophisticated mobile malware targeting government officials’ devices [99]. The incorporation of AI and machine learning into applications creates new opportunities for AI-driven threats in applications frequently utilized by local governments [16]. Cloud security in local governments, especially in smart cities, faces unique challenges, such as increased risks in shared and multi-tenant cloud environments and threats targeting cloud-based IoT platforms and big data analytics [100,101]. The ever-evolving digital landscape, marked by advanced technologies and interconnected systems, introduces new vulnerabilities and attack surfaces [9,13,37]. Local governments must stay abreast of current threats and proactively anticipate future challenges to effectively protect their cyber ecosystems.

5.2.2. Common Cybersecurity Tools

This systematic review of cybersecurity for local governments reveals a variety of tools designed to enhance specific aspects of cybersecurity. These Internet security tools include antivirus software, anti-phishing tools, VPNs, MFAs, web gateways, and email security solutions [63,64,78]. Web security tools include web vulnerability scanning tools, which identify security weaknesses in web applications and websites, and SSL certificates that establish secure and encrypted links between web servers and browsers [7]. Network security tools include network firewalls, monitoring tools, packet sniffers, IDPS, VPNs, and router security [78,79]. Data security tools include encryption tools, DLP software, MFA, backup solutions, and data masking to protect sensitive data from unauthorized access [50,51,85]. Endpoint security tools include antivirus software for protection against various forms of malware that could compromise endpoint devices [49]. Application security tools include WAF, penetration testing software, and SIEM systems [25,82]. Cloud security tools use encryption tools to protect data stored in the cloud, ensuring confidentiality and security even in shared and multi-tenant cloud environments [33,61].

The existing literature on cybersecurity in local government contexts highlights a significant gap in the coverage of vital security tools across core concepts. While the literature mentioned common tools for Internet security, it did not mention the tools essential for robust web, network, data, endpoint, application, and cloud security. This is particularly important given the rapidly evolving nature of cyberthreats and the significance of data management by local governments. The existing literature neglects Content Security Policy (CSP) for web security, a crucial tool for preventing attacks like XSS and data injection [102,103]. CSP allows web developers to specify valid domains for executable scripts, preventing malicious script execution [104]. Given the increasing sophistication of web-based attacks, CSP’s role in local government websites and web applications is crucial.

The literature lacks tools like Network Access Control (NAC) and Unified Threat Management (UTM) in network security [105,106]. NAC systems are crucial for secure network access, enforcing security policy compliance on devices attempting to access network resources. UTMs provide a comprehensive security solution, simplifying infrastructure for local governments with limited IT resources. In endpoint security, tools like endpoint detection and response (EDR) detect and respond to threats; Mobile Device Management (MDM) manages mobile device security; and disk and media encryption protect data on endpoint devices, ensuring that data remain secure even in the event of theft or loss [99,107,108].

For application security, the literature overlooks tools such as Application Security Testing (AST) and runtime application self-protection (RASP), which are crucial for identifying vulnerabilities and addressing security issues during development [109,110]. RASP provides a real-time security layer by analyzing application behavior and blocking harmful actions. In cloud security, tools like Identity and Access Management (IAM), which manages user identities and access privileges, Cloud Access Security Brokers (CASBs), which provide data visibility and control, Cloud Security Posture Management (CSPM), which ensures security best practices, and Cloud Workload Protection Platforms (CWPPs), which protect cloud workloads against evolving threats, are not cited in the existing literature in the cybersecurity and local government research domain [89,111,112,113].

5.2.3. Assessment Frameworks and Standards

The existing literature on cybersecurity for local governments predominantly cites only a few frameworks and standards, including NIST, ISO/IEC 27001:2013, COBIT5, ISA 62443-2-1:2009, and ISA 62443-3-3:2013 [12,25,36,55,114]. NIST is known for its comprehensive cybersecurity guidelines, while ISO/IEC 27001:2013 provides the requirements for ISMS. COBIT5 is a governance framework for enterprise IT, emphasizing regulatory compliance, risk management, and aligning IT strategy with organizational goals. ISA 62443-2-1:2009 and ISA 62443-3-3:2013 focus on the security of Industrial Automation and Control Systems, providing a systematic approach to reducing cybersecurity risks in industrial operational environments. Although these frameworks and standards are useful, the current literature shows a lack of comprehensive coverage of cybersecurity frameworks and tools.

It is worth noting that the updated NIST framework, NIST CSF 2.0 (Draft), which represents a substantial advancement over its predecessor [115], is not mentioned in the existing literature in this research domain. The framework now includes a sixth function, the govern function, which covers how an organization can make and execute its own internal decisions to support its cybersecurity strategy [116]. The draft provides improved guidance for implementation, focusing on situation-specific profiles and providing examples for subcategories. According to the NIST website, the final version is set to be released in early 2024 [115].

The Centre for Internet Security (CIS) Controls is a framework that provides a collection of practical measures for protecting against cyberthreats, offering a structured approach to enhancing an organization’s cybersecurity position [114,117]. The General Data Protection Regulation (GDPR), while being primarily a regulatory standard for the European Union, establishes a model for data protection and privacy that can be used as a reference for local governments worldwide [118]. The Cybersecurity Maturity Model Certification (CMMC) is an emerging framework designed to strengthen cybersecurity measures in the defense industrial base [89,119]. Although originally designed for defense contractors, local governments can use the principles and practices of CMMC to enhance their defense measures [120,121]. Local governments may also consider frameworks such as the IT Infrastructure Library (ITIL), which emphasizes the synchronization of IT services with business requirements [89,122,123].

In addition to the aforementioned frameworks and standards, various countries and organizations have prepared their own frameworks and standards. Examples include the New Zealand Information Security Manual (NZISM) and the New York Department of Financial Services Cybersecurity Regulation, the Standard Nasional Indonesia (SNI), China’s National Standard, Australia’s Essential Eight, and the USA General Service Administration’s Federal Risk and Authorization Management Program (FedRAMP) [124]. The NZISM is the government cybersecurity standard in New Zealand, providing guidelines for agencies to protect their digital information and assets. It covers access control and incident management, focusing on sensitive government data, and is issued by the Government Communications Security Bureau of New Zealand. The SNI is Indonesia’s national cybersecurity standard, aimed at ensuring the quality and safety of products and services, including IT and cybersecurity. It provides guidelines and best practices for Indonesian organizations to ensure robust and effective cybersecurity measures against regional and global threats.

The National Standard of the People’s Republic of China (GB/T 22239-2019) is the national cybersecurity framework, encompassing regulations on data protection, Internet services, and network infrastructure [124]. These standards are crucial in shaping the implementation of cybersecurity by organizations operating within China’s borders, given its unique regulatory environment. The Australian Cyber Security Centre developed the Essential Eight, a comprehensive framework designed to prevent cybersecurity incidents. It offers practical guidelines such as application whitelisting, patching, and configuring Microsoft Office macro settings, making it a valuable tool for both government and private sector organizations. The FedRAMP is a government-wide program in the USA that standardizes the security assessment, authorization, and continuous monitoring of the cloud products and services used by federal agencies. Its goal is to ensure that these services meet stringent security requirements, protecting government data. The FedRAMP certification is a benchmark for cloud service providers, indicating high security assurance. Local governments can take insights from these frameworks in various regional and organizational contexts and adopt best practices in their cybersecurity measures.

5.2.4. Challenges and Recommendations

(a) Resource and Infrastructure Issues: Researchers have identified resource limitations, particularly in terms of budgetary allocations, as a major obstacle to the advancement of cybersecurity within local governments [8,47]. The irregular reporting of breaches and misconceptions that these smaller governmental entities are less vulnerable undermine cybersecurity prioritization in local governments [19]. The budget limitations in local governments have cascading effects, restricting experts’ recruitment, infrastructure improvement, and the skill development of current employers [63,117,125]. Consolidating IT networks in local governments can reduce complexity and streamline cybersecurity measures [7,77,112]. The security landscape has evolved, necessitating changes in the authentication systems [92]. Implementing multifactor authentication and a ‘zero trust’ approach can reduce unauthorized access risk [12]. Despite the initial costs and transition challenges, this approach is highly recommended by researchers for long-term cybersecurity benefits, especially considering the rapid increase in IoT device usage and transformation into smart cities [85,106]. Maintaining hardware and software inventories is also crucial for endpoint and application security [14,90]. AI can be a valuable tool for local governments to protect their cybersecurity, as its machine-learning algorithms can identify complex attacks which conventional systems may fail to detect [3,48,126,127]. However, research on AI’s potential in detecting and preventing cyber-attacks in smart cities is limited due to its emerging nature [124].

Researchers have indicated that local governments have a shortage of specialized cybersecurity professionals due to budget constraints and improper knowledge of its significance among decision-makers [7,63]. This shortfall limits the swift identification, response, and recovery from cyber-attacks. To address this issue, local governments can collaborate and partner with state or central governments and private sector companies to access affordable security solutions [9,54,128]. Researchers and experts in the field also recommend unconventional strategies like outsourcing cybersecurity to specialized contractors and cybersecurity insurance, and collecting community and expert feedback to develop targeted cybersecurity strategies [11,15,60].

Budget constraints also prevent local governments from investing in R&D for cybersecurity improvements [77]. However, R&D is vital for conducting thorough risk assessments, analyzing past cyber incidents, developing new security protocols, and staying informed about emerging threats [47,78]. But R&D is usually expensive and can be a daunting task for smaller local governments. Cost-effective strategies such as partnerships with academic institutions and inter-governmental cybersecurity agencies, hosting hackathons, and small-scale pilot projects can be effective alternatives to R&D for local governments with limited financial resources [49,64,129].

(b) Policy and Regulatory Issues: Researchers frequently cited the lack of comprehensive cybersecurity policies as a critical gap in local governments’ cybersecurity preparedness [77,83,128]. MacManus, Caruson, and McPhee [53] identified regulatory oversight and a lack of enforcement as crucial challenges for local governments. A lack of visibility and influence can lead to a disconnect between policy formulation and implementation, resulting in insufficient resource allocation and attention to cybersecurity matters [11,18]. The lack of political and bureaucratic support also hinders the development and enforcement of effective cybersecurity measures [86]. To tackle these challenges, it is crucial to emphasize cybersecurity governance, establish a clear regulatory framework, and gain support from political, bureaucratic, and executive leaders [14,53,80].

Cybersecurity policies should outline local governments’ cybersecurity stance, define roles and standards, and be regularly reviewed [82,130]. Collaboration with academic institutions can help local governments develop policies cost-effectively, aligning with smart cities [10,13]. Considering resource limitations as a major constraint for local government, they can benefit from the use of large language models (LLM) or generative pre-trained transformer (GPT)-assisted approaches for cybersecurity policies, as these tools are already being utilized by organizations for cybersecurity governance, risk management, and compliance (GRC) policies. In fact, in their research, McIntosh et al. [131] demonstrated that GPT-generated policies can be more effective and comprehensive when provided with custom-tailored prompts.

However, due to the evolving cybersecurity landscape and limitations of GPT models, human moderators and subject-matter experts are crucial in refining AI-generated content. Their involvement ensures that the output aligns with the latest trends and upholds legal and ethical standards, making the policies practically relevant and ethically responsible [91]. Along with the policies, regular audits and consequence management systems are also essential. Formal regulatory structures, including cybersecurity committees, could be formed within local governments to ensure that data management practices align with cybersecurity principles. Additionally, the existing literature on cybersecurity lacks the comprehensive coverage of legislative and regulatory compliance, particularly in areas like data privacy, cloud computing, and IoT. The available literature does not cover legal frameworks and practical guidance for implementing these mandates within local governments’ unique operational contexts. This presents an untapped area for research.

(c) Accountability and Behavioral Issues: Accountability and organizational culture are essential for effective governance, and cybersecurity is no exception. In local governments, where multiple stakeholders collaborate, accountability lines often blur, leading to vulnerabilities and potential breaches [132,133]. Cybersecurity in local governments faces behavioral challenges, such as reactive protocols adopted after incidents and a lack of collaboration within departments [13,77,130]. To address these issues, local governments must encourage collaboration on cybersecurity initiatives, share best practices, foster a culture of communication and teamwork, prioritize cybersecurity as a shared objective, and cultivate a culture of ‘cyber hygiene’ among employees [8,12]. This involves maintaining basic digital environments, such as regular updates, vigilant monitoring, and adherence to best practices in digital communication and data management [42,134]. Educating employees through workshops, training sessions, and awareness campaigns about the importance of cyber hygiene is crucial for building a knowledgeable, aware, and responsible workforce [13].

(d) Technical and Operational Issues: Local governments face increasing technical and operational challenges, particularly in addressing the complexity and sophistication of cyberthreats [18], safeguarding data, and ensuring their integrity [77]. Ensuring data integrity is crucial to maintaining public trust [19,50]. Local governments must implement secure coding practices, intrusion detection systems, regular software updates, and blockchain technology to enhance data integrity. On the other hand, to maintain public trust, local governments must demonstrate transparency in their cybersecurity practices and data handling procedures. To balance between safeguarding residents’ information and confidential administrative documents and upholding public trust, a multifaceted approach is needed. This encompasses the formulation of policies, the frequent training of staff members on cybersecurity protocols, and active involvement with the public to disseminate knowledge about local governments’ cybersecurity and data protection strategies, as well as educating residents on protecting their own data as well as about cybersecurity [13,62,68,76].

The general lack of knowledge among staff and decision-makers about cybersecurity and how to safeguard data exacerbates vulnerability to cyberthreats [55,58,64]. This knowledge gap is significant, manifesting not only in a general lack of cybersecurity awareness among non-IT staff but also in the specific technical knowledge necessary for IT professionals within local governments. Each data category has unique vulnerabilities, requiring different levels of safeguarding [135]. Understanding the different types of cyberthreats is crucial for IT professionals to prioritize their cybersecurity measures. Furthermore, obtaining specific cybersecurity certifications can be resource-intensive and beyond the reach of many local governments, making them ill-prepared to manage and respond to cyberthreats. To tackle technical and operational challenges, local governments can form partnerships, invest in targeted training programs, and use open-source or cost-effective cloud-based cybersecurity services [26,35]. Regular risk assessments and audits can also help them identify vulnerabilities and prioritize resource allocation.

6. Conclusions

This conceptual framework, built upon critical cybersecurity domain, is a novel attempt to comprehensively map the cybersecurity landscape of local governments from a non-technical and governance perspective. The non-technical nature of our framework offers advantages for decision-makers in local governments as it provides a comprehensive overview of the cybersecurity landscape, segmenting and categorizing challenges, attacker motivations, threats, and countermeasures. This approach allows decision-makers, even without technical expertise, to understand the depth of cybersecurity issues they face and the potential solutions. For practitioners such as IT administrators or officers in local governments, this framework provides a roadmap, helping them make informed decisions about cybersecurity issues. It provides detailed insights on attack types, potential attackers, essential tools, and relevant standards, allowing officials to focus on matters relevant to their local governments’ cybersecurity. From an academic perspective, this framework addresses the gap in the cybersecurity literature by consolidating scattered knowledge on local governments’ cybersecurity landscape. It provides a cohesive reference for further studies, critiques, and discussions.

This framework serves as a dynamic platform for academic discourse, catalyzing future research trajectories and paving the way for academic–practice collaborations. The ‘structured and layered’ approach of the framework encourages further exploration and research of each layer. Real-world application of the framework is also crucial to bringing forth more issues in the cybersecurity landscape of local governments. The human aspect of cybersecurity, influenced by organizational behaviors, decision-making patterns, and public perceptions, presents a profound research avenue too [136,137]. Understanding these intersections could help develop strategies that balance technical and human-centric cyber-defense mechanisms [138,139]. Policy and legislative implications are also potential research topics, as the framework can inform the development of dedicated cybersecurity policies and legislation for local governments.

Although this conceptual framework is comprehensive, it has limitations like any other general frameworks, which need to be identified and recognized [40,140,141,142]. The dynamic and ever-evolving nature of the cyber-attack and threat landscapes is a key limitation of this conceptual framework [8,66]. As technology advances, cyber-attackers consistently evolve and develop novel and enhanced attack vectors [7,85]. Our conceptual framework is built upon the existing scholarly literature and may not account for attack types that have not yet been recorded in scholarly articles, are yet to be invented, or are still emerging. Similarly, this framework also includes countermeasures or cybersecurity tools, an assessment framework, and standards that are currently available and have been cited in the academic literature.

Despite these limitations, our conceptual framework is an invaluable asset for relevant stakeholders in local governments as it facilitates the understanding of the types of attacks, tools, and assessment frameworks in a structured way. Adaptations and extensions of the framework are possible for users, including practitioners, decision-makers, and researchers, to accommodate emergent threats and solutions. This framework’s capacity for adaptability guarantees its ongoing relevance and currency, functioning as a cornerstone which can be consistently revised and modified to tackle the ever-changing threat landscapes of cybersecurity in local governments.

Footnotes

Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Enlarge this image.

Figure 1. Relationship between information security, cybersecurity, Internet security, network security, and web security, derived from von Solms and von Solms [24] and BSI [21,22].

Enlarge this image.

Figure 2. A screenshot of the search query (executed in Scopus).

Enlarge this image.

Figure 3. Article selection steps for a systematic literature review with PRISMA.

Enlarge this image.

Figure 4. Publication trend by year.

Enlarge this image.

Figure 5. Geographical context of the selected articles.

Enlarge this image.

Figure 6. Classification of data that local governments store and manage.

Enlarge this image.

Figure 7. Barriers to cybersecurity and recommended solutions for local governments.

Enlarge this image.

Figure 8. Conceptual framework of local governments’ cybersecurity landscape.

References

1. Rotta, M.J.R.; Sell, D.; dos Santos Pacheco, R.C.; Yigitcanlar, T. Digital commons and citizen coproduction in smart cities: Assessment of Brazilian municipal e-government platforms. Energies; 2019; 12, 2813. [DOI: https://dx.doi.org/10.3390/en12142813]

2. Micozzi, N.; Yigitcanlar, T. Understanding smart city policy: Insights from the strategy documents of 52 local governments. Sustainability; 2022; 14, 10164. [DOI: https://dx.doi.org/10.3390/su141610164]

3. Yigitcanlar, T.; Agdas, D.; Degirmenci, K. Artificial intelligence in local governments: Perceptions of city managers on prospects, constraints and choices. AI Soc.; 2023; 38, pp. 1135-1150. [DOI: https://dx.doi.org/10.1007/s00146-022-01450-x]

4. Chałubińska-Jentkiewicz, K. Access to the ICT network as a public task of local government. Lex Localis; 2021; 19, pp. 175-195. [DOI: https://dx.doi.org/10.4335/19.1.175-195(2021)] [PubMed: https://www.ncbi.nlm.nih.gov/pubmed/38887403]

5. Yigitcanlar, T.; Li, R.Y.M.; Beeramoole, P.B.; Paz, A. Artificial intelligence in local government services: Public perceptions from Australia and Hong Kong. Gov. Inf. Q.; 2023; 40, 101833. [DOI: https://dx.doi.org/10.1016/j.giq.2023.101833]

6. Norris, D.F.; Mateczun, L.; Forno, R. Cybersecurity and Local Government; John Wiley & Sons, Inc.: Hoboken, NJ, USA, 2022.

7. Norris, D.F.; Mateczun, L.; Joshi, A.; Finin, T. Cyberattacks at the grass roots: American local governments and the need for high levels of cybersecurity. Public Adm. Rev.; 2019; 79, pp. 895-904. [DOI: https://dx.doi.org/10.1111/puar.13028]

8. Norris, D.F.; Mateczun, L.K. Cyberattacks on local governments 2020: Findings from a key informant survey. J. Cyber Policy; 2022; 7, pp. 294-317. [DOI: https://dx.doi.org/10.1080/23738871.2023.2178319]

9. Wolff, J.; Lehr, W. When cyber threats loom, what can state and local governments do?. Georget. J. Int. Aff.; 2018; 19, pp. 67-75. [DOI: https://dx.doi.org/10.1353/gia.2018.0008]

10. Hatcher, W.; Meares, W.L.; Heslen, J. The cybersecurity of municipalities in the United States: An exploratory survey of policies and practices. J. Cyber Policy; 2020; 5, pp. 302-325. [DOI: https://dx.doi.org/10.1080/23738871.2020.1792956]

11. Norris, D.F.; Mateczun, L.; Joshi, A.; Finin, T. Cybersecurity at the grassroots: American local governments and the challenges of internet security. J. Homel. Secur. Emerg. Manag.; 2018; 15, 20170048. [DOI: https://dx.doi.org/10.1515/jhsem-2017-0048]

12. Chaudhuri, A.; Bozkus Kahyaoglu, S. Cybersecurity assurance in smart cities: A risk management perspective. EDPACS; 2023; 67, pp. 1-22. [DOI: https://dx.doi.org/10.1080/07366981.2023.2165293]

13. Demertzi, V.; Demertzis, S.; Demertzis, K. An overview of cyber threats, attacks and countermeasures on the primary domains of smart cities. Appl. Sci.; 2023; 13, 790. [DOI: https://dx.doi.org/10.3390/app13020790]

14. Caruson, K.; MacManus, S.A.; McPhee, B.D. Cybersecurity policy-making at the local government level: An analysis of threats, preparedness, and bureaucratic roadblocks to success. J. Homel. Secur. Emerg. Manag.; 2012; 9, 20120003. [DOI: https://dx.doi.org/10.1515/jhsem-2012-0003]

15. Norris, D.F.; Mateczun, L.; Joshi, A.; Finin, T. Managing cybersecurity at the grassroots: Evidence from the first nationwide survey of local government cybersecurity. J. Urban Aff.; 2021; 43, pp. 1173-1195. [DOI: https://dx.doi.org/10.1080/07352166.2020.1727295]

16. Chahal, N.S.; Bali, P.; Khosla, P.K. A proactive approach to assess web application security through the integration of security tools in a security orchestration platform. Comput. Secur.; 2022; 122, 102886. [DOI: https://dx.doi.org/10.1016/j.cose.2022.102886]

17. Almeida, F. Prospects of cybersecurity in smart cities. Future Internet; 2023; 15, 285. [DOI: https://dx.doi.org/10.3390/fi15090285]

18. Frandell, A.; Feeney, M. Cybersecurity threats in local government: A sociotechnical perspective. Am. Rev. Public Adm.; 2022; 52, pp. 558-572. [DOI: https://dx.doi.org/10.1177/02750740221125432]

19. Chodakowska, A.; Kańduła, S.; Przybylska, J. Cybersecurity in the local government sector in Poland: More work needs to be done. Lex Localis; 2022; 20, pp. 161-192. [DOI: https://dx.doi.org/10.4335/20.1.161-192(2022)]

20. NIST. Framework for Improving Critical Infrastructure Cybersecurity. 2018; Available online: https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf (accessed on 3 December 2023).

21. BS ISO/IEC 27032:2023 Cybersecurity. Guidelines for Internet Security; BSI: Geneva, Switzerland, 2023.

22. BS EN ISO/IEC 27000:2020 Information Technology. Information Security Management Systems. Overview and Vocabulary; BSI: Geneva, Switzerland, 2020.

23. Ross, R.; Pillitteri, V.; Graubart, R.; Bodeau, D.; Mcquaid, R. Developing Cyber-Resilience Systems: A Systems Security Engineering Approach; National Institute of Standards and Technology: Gaithersburg, MD, USA, 2021.

24. von Solms, B.; von Solms, R. Cybersecurity and information security—What goes where?. Inf. Comput. Secur.; 2018; 26, pp. 2-9. [DOI: https://dx.doi.org/10.1108/ICS-04-2017-0025]

25. Andrade, R.O.; Yoo, S.G.; Tello-Oquendo, L.; Ortiz-Garces, I. A comprehensive study of the IoT cybersecurity in smart cities. IEEE Access; 2020; 8, pp. 228922-228941. [DOI: https://dx.doi.org/10.1109/ACCESS.2020.3046442]

26. Madjid, M.A.; Legionosuko, T.; Samudro, E.G. The information security strategy of Bogor’s smart city to deal with threat in cyber space. IOP Conf. Ser. Mater. Sci. Eng.; 2021; 1073, 12054. [DOI: https://dx.doi.org/10.1088/1757-899X/1073/1/012054]

27. Sensuse, D.I.; Putro, P.A.W.; Rachmawati, R.; Sunindyo, W.D. Initial cybersecurity framework in the new capital city of Indonesia: Factors, objectives, and technology. Information; 2022; 13, 580. [DOI: https://dx.doi.org/10.3390/info13120580]

28. Li, W.; Yigitcanlar, T.; Erol, I.; Liu, A. Motivations, barriers and risks of smart home adoption: From systematic literature review to conceptual framework. Energy Res. Soc. Sci.; 2021; 80, 102211. [DOI: https://dx.doi.org/10.1016/j.erss.2021.102211]

29. Regona, M.; Yigitcanlar, T.; Xia, B.; Li, R.Y.M. Opportunities and adoption challenges of AI in the construction industry: A PRISMA review. J. Open Innov. Technol. Mark. Complex.; 2022; 8, 45. [DOI: https://dx.doi.org/10.3390/joitmc8010045]

30. David, A.; Yigitcanlar, T.; Li, R.Y.M.; Corchado, J.M.; Cheong, P.H.; Mossberger, K.; Mehmood, R. Understanding local government digital technology adoption strategies: A PRISMA review. Sustainability; 2023; 15, 9645. [DOI: https://dx.doi.org/10.3390/su15129645]

31. Senadheera, S.; Yigitcanlar, T.; Desouza, K.C.; Mossberger, K.; Corchado, J.; Mehmood, R.; Li, R.Y.M.; Cheong, P.H. Understanding chatbot adoption in local governments: A review and framework. J. Urban Technol.; 2024; pp. 1-35. [DOI: https://dx.doi.org/10.1080/10630732.2023.2297665]

32. Marasinghe, R.; Yigitcanlar, T.; Mayere, S.; Washington, T.; Limb, M. Computer vision applications for urban planning: A systematic review of opportunities and constraints. Sustain. Cities Soc.; 2024; 100, 105047. [DOI: https://dx.doi.org/10.1016/j.scs.2023.105047]

33. Dong, N.; Zhao, J.; Yuan, L.; Kong, Y. Research on information security system of smart city based on information security requirements. J. Phys. Conf. Ser.; 2018; 1069, 012040. [DOI: https://dx.doi.org/10.1088/1742-6596/1069/1/012040]

34. AlDairi, A.; Tawalbeh, L.a. Cyber security attacks on smart cities and associated mobile technologies. Procedia Comput. Sci.; 2017; 109, pp. 1086-1091. [DOI: https://dx.doi.org/10.1016/j.procs.2017.05.391]

35. Ahmadi-Assalemi, G.; Al-Khateeb, H.; Epiphaniou, G.; Maple, C. Cyber resilience and incident response in smart cities: A systematic literature review. Smart Cities; 2020; 3, pp. 894-927. [DOI: https://dx.doi.org/10.3390/smartcities3030046]

36. Kalinin, M.; Krundyshev, V.; Zegzhda, P. Cybersecurity risk assessment in smart city infrastructures. Machines; 2021; 9, 78. [DOI: https://dx.doi.org/10.3390/machines9040078]

37. Kim, K.; Istabraq Mohammed, A.; Ramachandran, S.; Kim, J.; Zia, T.; Almorjan, A. Cybersecurity and cyber forensics for smart cities: A comprehensive literature review and survey. Sensors; 2023; 23, 3681. [DOI: https://dx.doi.org/10.3390/s23073681] [PubMed: https://www.ncbi.nlm.nih.gov/pubmed/37050740]

38. Yigitcanlar, T.; Kamruzzaman, M.; Buys, L.; Ioppolo, G.; Sabatini-Marques, J.; da Costa, E.M.; Yun, J.J. Understanding ‘smart cities’: Intertwining development drivers with desired outcomes in a multidimensional framework. Cities; 2018; 81, pp. 145-160. [DOI: https://dx.doi.org/10.1016/j.cities.2018.04.003]

39. Arulkumar, V.; Latha, C.P.; Dasig, D. Concept of implementing big data in smart city: Applications, services, data security in accordance with internet of things and AI. Int. J. Recent Technol. Eng.; 2019; 8, pp. 6819-6825. [DOI: https://dx.doi.org/10.35940/ijrte.C5782.098319]

40. D’Amico, G.; L’Abbate, P.; Liao, W.; Yigitcanlar, T.; Ioppolo, G. Understanding sensor cities: Insights from technology giant company driven smart urbanism practices. Sensors; 2020; 20, 4391. [DOI: https://dx.doi.org/10.3390/s20164391] [PubMed: https://www.ncbi.nlm.nih.gov/pubmed/32781671]

41. Cortese, T.T.P.; Almeida, J.F.S.d.; Batista, G.Q.; Storopoli, J.E.; Liu, A.; Yigitcanlar, T. Understanding sustainable energy in the context of smart cities: A PRISMA review. Energies; 2022; 15, 2382. [DOI: https://dx.doi.org/10.3390/en15072382]

42. Liu, Y.S.; Yigitcanlar, T.; Guaralda, M.; Degirmenci, K.; Liu, A.; Kane, M. Leveraging the opportunities of wind for cities through urban planning and design: A PRISMA review. Sustainability; 2022; 14, 11665. [DOI: https://dx.doi.org/10.3390/su141811665]

43. Son, T.H.; Weedon, Z.; Yigitcanlar, T.; Sanchez, T.; Corchado, J.M.; Mehmood, R. Algorithmic urban planning for smart and sustainable development: Systematic review of the literature. Sustain. Cities Soc.; 2023; 94, 104562. [DOI: https://dx.doi.org/10.1016/j.scs.2023.104562]

44. Shaamala, A.; Yigitcanlar, T.; Nili, A.; Nyandega, D. Algorithmic green infrastructure optimisation: Review of artificial intelligence driven approaches for tackling climate change. Sustain. Cities Soc.; 2024; 101, 105182. [DOI: https://dx.doi.org/10.1016/j.scs.2024.105182]

45. Vistro, D.M. IoT based big data analytics for cloud storage using edge computing. J. Adv. Res. Dyn. Control Syst.; 2020; 12, pp. 1594-1598. [DOI: https://dx.doi.org/10.5373/JARDCS/V12SP7/20202262]

46. Duffy, T. Helping local governments improve cyber security. Public Manag.; 2011; 93, 21.

47. Javed, A.R.; Shahzad, F.; Rehman, S.u.; Zikria, Y.B.; Razzak, I.; Jalil, Z.; Xu, G. Future smart cities: Requirements, emerging technologies, applications, challenges, and future aspects. Cities; 2022; 129, 103794. [DOI: https://dx.doi.org/10.1016/j.cities.2022.103794]

48. Bokhari, S.A.A.; Myeong, S. The influence of artificial intelligence on e-governance and cybersecurity in smart cities: A stakeholder’s perspective. IEEE Access; 2023; 11, pp. 69783-69797. [DOI: https://dx.doi.org/10.1109/ACCESS.2023.3293480]

49. Efe, A.; Isik, A. A general view of industry 4.0 revolution from cybersecurity perspective. Int. J. Intell. Syst. Appl. Eng.; 2020; 8, pp. 11-20. [DOI: https://dx.doi.org/10.18201/ijisae.2020158884]

50. Ma, C. Smart city and cyber-security; technologies used, leading challenges and future recommendations. Energy Rep.; 2021; 7, pp. 7999-8012. [DOI: https://dx.doi.org/10.1016/j.egyr.2021.08.124]

51. Siddiqui, S.; Hameed, S.; Shah, S.A.; Khan, A.K.; Aneiba, A. Smart contract-based security architecture for collaborative services in municipal smart cities. J. Syst. Archit.; 2023; 135, 102802. [DOI: https://dx.doi.org/10.1016/j.sysarc.2022.102802]

52. Verhulsdonck, G.; Weible, J.L.; Helser, S.; Hajduk, N. Smart cities, playable cities, and cybersecurity: A systematic review. Int. J. Hum. Comput. Interact.; 2023; 39, pp. 378-390. [DOI: https://dx.doi.org/10.1080/10447318.2021.2012381]

53. MacManus, S.A.; Caruson, K.; McPhee, B.D. Cybersecurity at the local government level: Balancing demands for transparency and privacy rights. J. Urban Aff.; 2013; 35, pp. 451-470. [DOI: https://dx.doi.org/10.1111/j.1467-9906.2012.00640.x]

54. Preis, B.; Susskind, L. Municipal cybersecurity: More work needs to be done. Urban Aff. Rev.; 2022; 58, pp. 614-629. [DOI: https://dx.doi.org/10.1177/1078087420973760]

55. Ibrahim, A.; Valli, C.; McAteer, I.; Chaudhry, J. A security review of local government using NIST CSF: A case study. J. Supercomput.; 2018; 74, pp. 5171-5186. [DOI: https://dx.doi.org/10.1007/s11227-018-2479-2]

56. Ali, H.; Elzeki, O.M.; Elmougy, S. Smart attacks learning machine advisor system for protecting smart cities from smart threats. Appl. Sci.; 2022; 12, 6473. [DOI: https://dx.doi.org/10.3390/app12136473]

57. Neupane, C.; Wibowo, S.; Grandhi, S.; Deng, H. A trust-based model for the adoption of smart city technologies in Australian regional cities. Sustainability; 2021; 13, 9316. [DOI: https://dx.doi.org/10.3390/su13169316]

58. Alam, R.G.; Ibrahim, H. Cybersecurity strategy for smart city implementation. Int. Arch. Photogramm. Remote Sens. Spat. Inf. Sci.; 2019; 42, pp. 3-6. [DOI: https://dx.doi.org/10.5194/isprs-archives-XLII-4-W17-3-2019]

59. Karpiuk, M. The local government’s position in the Polish cybersecurity system. Lex Localis; 2021; 19, pp. 609-620. [DOI: https://dx.doi.org/10.4335/19.3.609-620(2021)] [PubMed: https://www.ncbi.nlm.nih.gov/pubmed/38887403]

60. Wu, Y.C.; Sun, R.; Wu, Y.J. Smart city development in Taiwan: From the perspective of the information security policy. Sustainability; 2020; 12, 2916. [DOI: https://dx.doi.org/10.3390/su12072916]

61. Wu, S.M.; Guo, D.; Wu, Y.J.; Wu, Y.C. Future development of Taiwan’s smart cities from an information security perspective. Sustainability; 2018; 10, 4520. [DOI: https://dx.doi.org/10.3390/su10124520]

62. Napetvaridze, V.; Chochia, A. Cybersecurity in the making—Policy and law: A case study of Georgia. Int. Comp. Law Rev.; 2019; 19, pp. 155-180. [DOI: https://dx.doi.org/10.2478/iclr-2019-0019]

63. Ahmad, M.O.; Ahad, M.A.; Alam, M.A.; Siddiqui, F.; Casalino, G. Cyber-physical systems and smart cities in india: Opportunities, issues, and challenges. Sensors; 2021; 21, 7714. [DOI: https://dx.doi.org/10.3390/s21227714] [PubMed: https://www.ncbi.nlm.nih.gov/pubmed/34833785]

64. Alhalafi, N.; Veeraraghavan, P. Exploring the challenges and issues in adopting cybersecurity in Saudi smart cities: Conceptualization of the cybersecurity-based UTAUT model. Smart Cities; 2023; 6, pp. 1523-1544. [DOI: https://dx.doi.org/10.3390/smartcities6030072]

65. Toh, C.K. Security for smart cities. IET Smart Cities; 2020; 2, pp. 95-104. [DOI: https://dx.doi.org/10.1049/iet-smc.2020.0001]

66. Popescul, D.; Radu, L.D. Data security in smart cities: Challenges and solutions. Inform. Econ.; 2016; 20, pp. 29-38. [DOI: https://dx.doi.org/10.12948/issn14531305/20.1.2016.03]

67. Sadik, S.; Ahmed, M.; Sikos, L.F.; Najmul Islam, A.K.M. Toward a sustainable cybersecurity ecosystem. Computers; 2020; 9, 74. [DOI: https://dx.doi.org/10.3390/computers9030074]

68. Hossain, S.T.; Yigitcanlar, T.; Nguyen, K.; Xu, Y. Understanding local government cybersecurity policy: A concept map and framework. Information; 2024; 15, 342. [DOI: https://dx.doi.org/10.3390/info15060342]

69. Ali, O.; Soar, J.; Yong, J. An investigation of the challenges and issues influencing the adoption of cloud computing in Australian regional municipal governments. J. Inf. Secur. Appl.; 2016; 27–28, pp. 19-34. [DOI: https://dx.doi.org/10.1016/j.jisa.2015.11.006]

70. Vigliarolo, B. Ransomware Attack Sends US County Back to 1977. Available online: https://www.theregister.com/2022/05/29/security_roundup/#:~:text=In%20brief%20Somerset%20County%2C%20New%20Jersey%2C%20was%20hit,as%20land%20records%2C%20vital%20statistics%2C%20and%20probate%20records (accessed on 8 September 2023).

71. Sytas, A. Russian Group Claims Hack of Lithuanian Sites in Retaliation for Transit Ban. Available online: https://www.reuters.com/technology/lithuania-hit-by-cyber-attack-government-agency-2022-06-27/ (accessed on 12 September 2023).

72. Toulas, B. Vice Society Ransomware Claims Attack on Italian City of Palermo. Available online: https://www.bleepingcomputer.com/news/security/vice-society-ransomware-claims-attack-on-italian-city-of-palermo/#:~:text=The%20Vice%20Society%20ransomware%20group%20has%20claimed%20responsibility,million%20people%20and%20many%20tourists%20visiting%20the%20city (accessed on 12 September 2023).

73. Lewton, J. Troup Confirms Cyber Attack on City Was Ransomware. Available online: https://www.wgem.com/2022/05/24/troup-confirms-cyber-attack-city-was-ransomware/ (accessed on 12 September 2023).

74. Sharma, K.; Mukhopadhyay, A. Sarima-based cyber-risk assessment and mitigation model for a smart city’s traffic management systems (SCRAM). J. Organ. Comput. Electron. Commer.; 2022; 32, pp. 1-20. [DOI: https://dx.doi.org/10.1080/10919392.2022.2054259]

75. Hammi, B.; Zeadally, S.; Nebhen, J. Security threats, countermeasures, and challenges of digital supply chains. ACM Comput. Surv.; 2023; 55, 316. [DOI: https://dx.doi.org/10.1145/3588999]

76. Tok, Y.C.; Chattopadhyay, S. Identifying threats, cybercrime and digital forensic opportunities in smart city infrastructure via threat modeling. Forensic Sci. Int. Digit. Investig.; 2023; 45, 301540. [DOI: https://dx.doi.org/10.1016/j.fsidi.2023.301540]

77. Habibzadeh, H.; Nussbaum, B.H.; Anjomshoa, F.; Kantarci, B.; Soyata, T. A survey on cybersecurity, data privacy, and policy issues in cyber-physical system deployments in smart cities. Sustain. Cities Soc.; 2019; 50, 101660. [DOI: https://dx.doi.org/10.1016/j.scs.2019.101660]

78. Mohamed, N.; Al-Jaroodi, J.; Jawhar, I.; Kesserwan, N. Data-driven security for smart city systems: Carving a trail. IEEE Access; 2020; 8, pp. 147211-147230. [DOI: https://dx.doi.org/10.1109/ACCESS.2020.3015510]

79. Falco, G.; Viswanathan, A.; Caldera, C.; Shrobe, H. A master attack methodology for an AI-based automated attack planner for smart cities. IEEE Access; 2018; 6, pp. 48360-48373. [DOI: https://dx.doi.org/10.1109/ACCESS.2018.2867556]

80. Alzahrani, N.M.; Alfouzan, F.A. Augmented reality (AR) and cyber-security for smart cities—A systematic literature review. Sensors; 2022; 22, 2792. [DOI: https://dx.doi.org/10.3390/s22072792] [PubMed: https://www.ncbi.nlm.nih.gov/pubmed/35408406]

81. Tariq, N.; Khan, F.A.; Asim, M. Security challenges and requirements for smart internet of things applications: A comprehensive analysis. Procedia Comput. Sci.; 2021; 191, pp. 425-430. [DOI: https://dx.doi.org/10.1016/j.procs.2021.07.053]

82. Vitunskaite, M.; He, Y.; Brandstetter, T.; Janicke, H. Smart cities and cyber security: Are we there yet? A comparative study on the role of standards, third party risk management and security ownership. Comput. Secur.; 2019; 83, pp. 313-331. [DOI: https://dx.doi.org/10.1016/j.cose.2019.02.009]

83. Ali, O.; Shrestha, A.; Chatfield, A.; Murray, P. Assessing information security risks in the cloud: A case study of Australian local government authorities. Gov. Inf. Q.; 2020; 37, 101419. [DOI: https://dx.doi.org/10.1016/j.giq.2019.101419]

84. Kesan, J.P.; Zhang, L. An empirical investigation of the relationship between local government budgets, IT expenditures, and cyber losses. IEEE Trans. Emerg. Top. Comput.; 2019; 9, pp. 582-596. [DOI: https://dx.doi.org/10.1109/TETC.2019.2915098]

85. Aslam, M.; Khan Abbasi, M.A.; Khalid, T.; Shan, R.u.; Ullah, S.; Ahmad, T.; Saeed, S.; Alabbad, D.A.; Ahmad, R. Getting smarter about smart cities: Improving data security and privacy through compliance. Sensors; 2022; 22, 9338. [DOI: https://dx.doi.org/10.3390/s22239338] [PubMed: https://www.ncbi.nlm.nih.gov/pubmed/36502039]

86. Savaş, S.; Karataş, S. Cyber governance studies in ensuring cybersecurity: An overview of cybersecurity governance. Int. Cybersecur. Law Rev.; 2022; 3, pp. 7-34. [DOI: https://dx.doi.org/10.1365/s43439-021-00045-4]

87. Taherdoost, H. Understanding cybersecurity frameworks and information security standards—A review and comprehensive overview. Electronics; 2022; 11, 2181. [DOI: https://dx.doi.org/10.3390/electronics11142181]

88. Nguyen, P.H.; Ali, S.; Yue, T. Model-based security engineering for cyber-physical systems: A systematic mapping study. Inf. Softw. Technol.; 2017; 83, pp. 116-135. [DOI: https://dx.doi.org/10.1016/j.infsof.2016.11.004]

89. Ariffin, K.A.Z.; Ahmad, F.H. Indicators for maturity and readiness for digital forensic investigation in era of industrial revolution 4.0. Comput. Secur.; 2021; 105, 102237. [DOI: https://dx.doi.org/10.1016/j.cose.2021.102237]

90. Alanazi, M.; Mahmood, A.; Chowdhury, M.J.M. SCADA vulnerabilities and attacks: A review of the state-of-the-art and open issues. Comput. Secur.; 2023; 125, 103028. [DOI: https://dx.doi.org/10.1016/j.cose.2022.103028]

91. Li, W.; Yigitcanlar, T.; Browne, W.; Nili, A. The making of responsible innovation and technology: An overview and framework. Smart Cities; 2023; 6, pp. 1996-2034. [DOI: https://dx.doi.org/10.3390/smartcities6040093]

92. Guembe, B.; Azeta, A.; Misra, S.; Osamor, V.C.; Fernandez-Sanz, L.; Pospelova, V. The emerging threat of Ai-driven cyber attacks: A review. Appl. Artif. Intell.; 2022; 36, 2037254. [DOI: https://dx.doi.org/10.1080/08839514.2022.2037254]

93. Bray, S.D.; Johnson, S.D.; Kleinberg, B. Testing human ability to detect ‘deepfake’ images of human faces. J. Cybersecur.; 2023; 9, tyad011. [DOI: https://dx.doi.org/10.1093/cybsec/tyad011]

94. Chen, T.; Zeng, H.; Lv, M.; Zhu, T. CTIMD: Cyber threat intelligence enhanced malware detection using API call sequences with parameters. Comput. Secur.; 2024; 136, 103518. [DOI: https://dx.doi.org/10.1016/j.cose.2023.103518]

95. Matheu, S.N.; Hernández-Ramos, J.L.; Skarmeta, A.F.; Baldini, G. A Survey of cybersecurity certification for the internet of things. ACM Comput. Surv.; 2020; 53, 115. [DOI: https://dx.doi.org/10.1145/3410160]

96. Khan Abbasi, M.H.; Ullah, S.; Ahmad, T.; Buriro, A. A real-time hybrid approach to combat in-browser cryptojacking malware. Appl. Sci.; 2023; 13, 2039. [DOI: https://dx.doi.org/10.3390/app13042039]

97. Fernandez-Carames, T.M.; Fraga-Lamas, P. Towards post-quantum blockchain: A review on blockchain cryptography resistant to quantum computing attacks. IEEE Access; 2020; 8, pp. 21091-21116. [DOI: https://dx.doi.org/10.1109/ACCESS.2020.2968985]

98. Alshahrani, M.M. Secure multifactor remote access user authentication framework for iot networks. Comput. Mater. Contin.; 2021; 68, pp. 3235-3254. [DOI: https://dx.doi.org/10.32604/cmc.2021.015310]

99. Sewak, M.; Sahay, S.K.; Rathore, H. Deep reinforcement learning in the advanced cybersecurity threat detection and protection. Inf. Syst. Front.; 2023; 25, pp. 589-611. [DOI: https://dx.doi.org/10.1007/s10796-022-10333-x]

100. Ahmed, U.; Petri, I.; Rana, O. Edge-cloud resource federation for sustainable cities. Sustain. Cities Soc.; 2022; 82, 103887. [DOI: https://dx.doi.org/10.1016/j.scs.2022.103887]

101. Kale, N.R.; Metre, K.V.; Chitte, P.P.; Mahankale, N.; Gore, S.; Gore, S. Cloud computing for effective cyber security attack detection in smart cities. Int. J. Recent Innov. Trends Comput. Commun.; 2023; 11, pp. 777-785. [DOI: https://dx.doi.org/10.17762/ijritcc.v11i9s.7968]

102. Ying, M.; Li, S.Q. CSP adoption: Current status and future prospects. Secur. Commun. Netw.; 2016; 9, pp. 4557-4573. [DOI: https://dx.doi.org/10.1002/sec.1649]

103. Berlin, J.; Kelly, M.; Nelson, M.L.; Weigle, M.C. To re-experience the web: A framework for the transformation and replay of archived web pages. ACM Trans. Web; 2023; 17, 28. [DOI: https://dx.doi.org/10.1145/3589206]

104. Patil, K.; Frederik, B. A measurement study of the content security policy on real-world applications. Int. J. Netw. Secur.; 2016; 18, pp. 383-392.

105. Kreutz, D.; Malichevskyy, O.; Feitosa, E.; Cunha, H.; Da Rosa Righi, R.; De Macedo, D.D.J. A cyber-resilient architecture for critical security services. J. Netw. Comput. Appl.; 2016; 63, pp. 173-189. [DOI: https://dx.doi.org/10.1016/j.jnca.2015.09.014]

106. Tamy, S.; Belhadaoui, H.; Rabbah, N.; Rifi, M. Cyber security based machine learning algorithms applied to industry 4.0 application case: Development of network intrusion detection system using hybrid method. J. Theor. Appl. Inf. Technol.; 2020; 98, pp. 2078-2091.

107. Wani, T.A.; Mendoza, A.; Gray, K. Hospital bring-your-own-device security challenges and solutions: Systematic review of gray literature. JMIR Mhealth Uhealth; 2020; 8, e18175. [DOI: https://dx.doi.org/10.2196/18175] [PubMed: https://www.ncbi.nlm.nih.gov/pubmed/32554388]

108. Wurzenberger, M.; Höld, G.; Landauer, M.; Skopik, F. Analysis of statistical properties of variables in log data for advanced anomaly detection in cyber security. Comput. Secur.; 2024; 137, 103631. [DOI: https://dx.doi.org/10.1016/j.cose.2023.103631]

109. Amoroso, E. Recent progress in software security. IEEE Softw.; 2018; 35, pp. 11-13. [DOI: https://dx.doi.org/10.1109/MS.2018.1661316]

110. Espinha Gasiba, T.; Lechner, U.; Pinto-Albuquerque, M. Sifu—A cybersecurity awareness platform with challenge assessment and intelligent coach. Cybersecurity; 2020; 3, 24. [DOI: https://dx.doi.org/10.1186/s42400-020-00064-4]

111. Kaur, S.; Gupta, R. Enhancing features of cloud computing using cloud access security brokers to avoid data breaches. Eur. J. Eng. Technol. Res.; 2019; 4, pp. 185-189. [DOI: https://dx.doi.org/10.24018/ejeng.2019.4.10.1518]

112. Coppola, G.; Varde, A.S.; Shang, J. Enhancing cloud security posture for ubiquitous data access with a cybersecurity framework based management tool. Proceedings of the 14th Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON); New York, NY, USA, 12–14 October 2023; pp. 0590-0594.

113. Osnat, R. Rethinking security with cloud native in mind. Comput. Fraud. Secur.; 2023; 2023, 2. [DOI: https://dx.doi.org/10.12968/S1361-3723(23)70009-2]

114. Hamdani, S.W.A.; Abbas, H.; Janjua, A.R.; Shahid, W.B.; Amjad, M.F.; Malik, J.; Murtaza, M.H.; Atiquzzaman, M.; Khan, A.W. Cybersecurity standards in the context of operating system: Practical aspects, analysis, and comparisons. ACM Comput. Surv.; 2021; 54, 57. [DOI: https://dx.doi.org/10.1145/3442480]

115. NIST. Updating the NIST Cybersecurity Framework—Journey to CSF 2.0. Available online: https://www.nist.gov/cyberframework/updating-nist-cybersecurity-framework-journey-csf-20 (accessed on 8 November 2023).

116. NIST. The NIST Cybersecurity Framework 2.0—Initial Public Draft. 2023; Available online: https://doi.org/10.6028/NIST.CSWP.29.ipd (accessed on 8 November 2023).

117. Gonzalez-Granadillo, G.; Menesidou, S.A.; Papamartzivanos, D.; Romeu, R.; Navarro-Llobet, D.; Okoh, C.; Nifakos, S.; Xenakis, C.; Panaousis, E. Automated cyber and privacy risk management toolkit. Sensors; 2021; 21, 5493. [DOI: https://dx.doi.org/10.3390/s21165493]

118. Turk, Ž.; García de Soto, B.; Mantha, B.R.K.; Maciel, A.; Georgescu, A. A systemic framework for addressing cybersecurity in construction. Autom. Constr.; 2022; 133, 103988. [DOI: https://dx.doi.org/10.1016/j.autcon.2021.103988]

119. Dawood Gani, A.B.; Fernando, Y. The cybersecurity governance in changing the security psychology and security posture: Insights into e-procurement. Int. J. Procure. Manag.; 2021; 14, pp. 308-327. [DOI: https://dx.doi.org/10.1504/IJPM.2021.115038]

120. Bahuguna, A.; Bisht, R.K.; Pande, J. Country-level cybersecurity posture assessment: Study and analysis of practices. Inf. Secur. J.; 2020; 29, pp. 250-266. [DOI: https://dx.doi.org/10.1080/19393555.2020.1767239]

121. Garba, A.A.; Siraj, M.M.; Othman, S.H. An explanatory review on cybersecurity capability maturity models. Adv. Sci. Technol. Eng. Syst.; 2020; 5, pp. 762-769. [DOI: https://dx.doi.org/10.25046/aj050490]

122. Sofyani, H.; Riyadh, H.A.; Fahlevi, H. Improving service quality, accountability and transparency of local government: The intervening role of information technology governance. Cogent Bus. Manag.; 2020; 7, 1735690. [DOI: https://dx.doi.org/10.1080/23311975.2020.1735690]

123. Irsheid, A.; Murad, A.; AlNajdawi, M.; Qusef, A. Information security risk management models for cloud hosted systems: A comparative study. Procedia Comput. Sci.; 2022; 204, pp. 205-217. [DOI: https://dx.doi.org/10.1016/j.procs.2022.08.025]

124. Syafrizal, M.; Selamat, S.; Zakaria, N. Analysis of sybersecurity standard and framework components. Int. J. Commun. Netw. Inf. Secur.; 2020; 12, pp. 417-432. [DOI: https://dx.doi.org/10.17762/ijcnis.v12i3.4817]

125. Villani, J.J. Risk analysis of legacy systems on county government assets. J. Comput. Sci. Coll.; 2022; 38, 198.

126. Diro, A.A.; Chilamkurti, N. Distributed attack detection scheme using deep learning approach for internet of things. Future Gener. Comput. Syst.; 2018; 82, pp. 761-768. [DOI: https://dx.doi.org/10.1016/j.future.2017.08.043]

127. Palleti, V.R.; Adepu, S.; Mishra, V.K.; Mathur, A. Cascading effects of cyber-attacks on interconnected critical infrastructure. Cybersecurity; 2021; 4, 8. [DOI: https://dx.doi.org/10.1186/s42400-021-00071-z]

128. Harknett, R.J.; Stever, J.A. The new policy world of cybersecurity. Public Adm. Rev.; 2011; 71, pp. 455-460. [DOI: https://dx.doi.org/10.1111/j.1540-6210.2011.02366.x]

129. Zhao, P.; Li, S.; Hu, P.J.H.; Cao, Z.; Gu, C.; Xie, D.; Zeng, D.D. Coordinated cyber security enhancement for grid-transportation systems with social engagement. IEEE Trans. Emerg. Top. Comput. Intell.; 2022; pp. 1-15. [DOI: https://dx.doi.org/10.1109/TETCI.2022.3209306]

130. Li, L.; He, W.; Xu, L.; Ash, I.; Anwar, M.; Yuan, X. Investigating the impact of cybersecurity policy awareness on employees’ cybersecurity behavior. Int. J. Inf. Manag.; 2019; 45, pp. 13-24. [DOI: https://dx.doi.org/10.1016/j.ijinfomgt.2018.10.017]

131. McIntosh, T.; Liu, T.; Susnjak, T.; Alavizadeh, H.; Ng, A.; Nowrozy, R.; Watters, P. Harnessing GPT-4 for generation of cybersecurity GRC policies: A focus on ransomware attack mitigation. Comput. Secur.; 2023; 134, 103424. [DOI: https://dx.doi.org/10.1016/j.cose.2023.103424]

132. Mudacumura, G.M. Accountability and transparency: Cornerstones of development and democratic governance. Challenges to Democratic Governance in Developing Countries; Mudacumura, G.; Morçöl, G. Springer International Publishing: Cham, Switzerland, 2014; pp. 37-55.

133. Lauwo, S.G.; Azure, J.D.-C.; Hopper, T. Accountability and governance in implementing the sustainable development goals in a developing country context: Evidence from Tanzania. Account. Audit. Account. J.; 2022; 35, pp. 1431-1461. [DOI: https://dx.doi.org/10.1108/AAAJ-10-2019-4220]

134. Srinivas, J.; Das, A.K.; Kumar, N. Government regulations in cyber security: Framework, standards and recommendations. Future Gener. Comput. Syst.; 2019; 92, pp. 178-188. [DOI: https://dx.doi.org/10.1016/j.future.2018.09.063]

135. Pritika,; Shanmugam, B.; Azam, S. Risk assessment of heterogeneous IoMT devices: A review. Technologies; 2023; 11, 31. [DOI: https://dx.doi.org/10.3390/technologies11010031]

136. Liaropoulos, A.N. Cyberspace governance and state sovereignty. Democracy and an Open-Economy World Order; Bitros, G.C.; Kyriazis, N.C. Springer International Publishing: Cham, Switzerland, 2017; pp. 25-35.

137. Deibert, R.J. Toward a human-centric approach to cybersecurity. Ethics Int. Aff.; 2018; 32, pp. 411-424. [DOI: https://dx.doi.org/10.1017/S0892679418000618]

138. Morgan, P.L.; Asquith, P.M.; Bishop, L.M.; Raywood-Burke, G.; Wedgbury, A.; Jones, K. A new hope: Human-centric cybersecurity research embedded eithin organizations. Proceedings of the HCI for Cybersecurity, Privacy and Trust; Copenhagen, Denmark, 19–24 July 2020; pp. 206-216.

139. Grobler, M.; Gaire, R.; Nepal, S. User, usage and usability: Redefining human centric cyber security. Front. Big Data; 2021; 4, 583723. [DOI: https://dx.doi.org/10.3389/fdata.2021.583723] [PubMed: https://www.ncbi.nlm.nih.gov/pubmed/33748750]

140. Bordage, G. Conceptual frameworks to illuminate and magnify. Med. Educ.; 2009; 43, pp. 312-319. [DOI: https://dx.doi.org/10.1111/j.1365-2923.2009.03295.x]

141. Khan, H.H.; Malik, M.N.; Zafar, R.; Goni, F.A.; Chofreh, A.G.; Klemeš, J.J.; Alotaibi, Y. Challenges for sustainable smart city development: A conceptual framework. Sustain. Dev.; 2020; 28, pp. 1507-1518. [DOI: https://dx.doi.org/10.1002/sd.2090]

142. Repette, P.; Sabatini-Marques, J.; Yigitcanlar, T.; Sell, D.; Costa, E. The evolution of city-as-a-platform: Smart urban development governance with collective knowledge-based platform urbanism. Land; 2021; 10, 33. [DOI: https://dx.doi.org/10.3390/land10010033]