From the Document: "According to the National League of Cities, there are approximately 39,000 municipal, county, and township government entities in the U.S., 90 percent of which serve small populations. Another 50,000 special purpose government entities and small school districts exist. These jurisdictions face considerable threats of theft of personally identifiable information (PII) and hacking that would disrupt critical infrastructure services. Unfortunately, the basic cyber risk management tools built for the commercial and nonprofit sectors do not address the subtle but important differences that define small government cyber risks. The cyber risk management solutions that currently exist for commercial and nonprofit entities need to be updated with research, analysis, and models that are unique to small government entities. Applying cyber risk management tools with the correct underlying research,analysis,and models for small government entities will fill an important gap in cybersecurity resources and tools for small government entities."
Cybersecurity and Infrastructure Security Agency: https://www.cisa.gov/