Suffolk County’s Data Recovery Playbook: Five Tips for Building State and Local Cyber Resilience

State and local governments are under increasing pressure from a wave of cyber threats, including attacks from nation-state adversaries and sophisticated cybercriminal groups. Building true cyber resilience at the state and local levels is not just a technology goal but a mission-critical imperative as the attack surface expands and resources become scarce. 

Based on insights shared by Hassan Ahmed, chief technology officer and chief deputy commissioner of Information Technology (IT) for Suffolk County, New York, during Rubrik Forward 2025, here are several actionable tips to help your agency strengthen its defenses and recover from cyberattacks.

Tip #1: Understand that the Threat Landscape is Evolving

Hassan emphasized that the threat landscape is constantly evolving, with sophisticated nation-state actors targeting critical infrastructure. The sheer number of vulnerabilities and the growing attack surface mean that it’s not a question of if, but when, your agency will be targeted.

“We live in a day and age where obviously cybersecurity is of the utmost importance and prevalence in our day-to-day lives, but especially [in] the private and public sector,” he said.

Tip #2: State and Local Cyber Resilience is Imperative

Cyber resilience is more than just preventing attacks—it’s about preparing for rapid recovery and minimizing impact. “The moment that we start to believe that we're not at risk, we're [at] the greatest risk of all,” cautioned Ahmed. 

Suffolk County’s approach to cyber resilience has included:

• Continuous Risk Remediation: Regularly assessing and updating cybersecurity posture.
  
• Robust Data Backup and Integrity: Ensuring data can be restored quickly and securely.
• Vendor Partnerships: Collaborating with both internal teams and external partners like the Department of Homeland Security and CISA.
• Open Communication: Keeping lines open between cybersecurity, network, infrastructure, and administrative teams.

Tip #3: Cyber Hygiene Matters For State and Local Governments

Hassan pointed to a recent outage by a major provider that disrupted everything from flights to gas purchases and online banking. Such incidents highlight how dependent daily life is on digital infrastructure—and how critical it is to maintain strong cyber hygiene.

“Making sure that risk vulnerability assessment is really a part of every organization is imperative,” he said.

Tip #4: You Must Address Budget and Workforce Constraints

State and local governments often face tighter budgets and longer procurement processes than their private counterparts. Hassan recommends:

• Strategic Budget Forecasting: Plan your operating and capital expenditures well in advance.
• Streamlined Procurement: Work with supportive leadership to expedite cybersecurity acquisitions.
• Leveraging Partnerships: Collaborate with other agencies and vendors to maximize resources.

A well-managed budget can mean the difference between succumbing to a successful cyberattack and a full recovery. “The size of the organization's budget or IT staff doesn't determine the criticality of its role in critical infrastructure,” said Ahmed.

Tip #5: Embrace Best Practices for State and Local Cyber Resilience

Hassan said that state and local governments should waste no time implementing cyber resilience policies and procedures. Here are his top recommendations for organizations looking to get started:

1. Prioritize Rapid Recovery: Have plans and tools in place to restore operations fast.

2. Automate Where Possible: Use automation to speed up response and recovery efforts.

3. Encrypt Everything: Ensure sensitive data is always protected.

4. Regularly Assess and Update: Continuously improve your agency’s cybersecurity posture.

5. Foster a Culture of Awareness: Make cyber hygiene a core value across your agency.

“Rapid recovery is probably top priority for all organizations… the quicker you can recover securely really diminishes the effects or the benefits for threat actors even initiating the attack,” said Ahmed.

Final Thoughts

Cyber resilience should be everyone’s business at the state and local levels. Ensure that your agency’s leadership, staff, and partners remain engaged and aware, as complacency is the adversary's greatest ally.

No matter your agency’s size or budget, focus on rapid recovery, continuous improvement, and strong partnerships to build true cyber resilience.

State and local cyber resilience isn’t about just data backups—it’s about anticipating operational disruption, limiting impact, and bouncing back fast. 

Want to see how Rubrik can help your agency secure data, accelerate recovery, and build true cyber resilience? Get a personalized demo of Rubrik's Security Cloud - Government today.