Welcome to another episode of A Little Privacy, Please!® Our guest today is Rudy Salo, a public finance partner in the Nixon Peabody Los Angeles office. Rudy serves as counsel for community impact financing involving government entities, transportation systems, educational institutions, cultural institutions, and entertainment venues. He advises lenders in structuring various lending facilities throughout the United States—which often involve real estate and other collateral—and advises new mobility companies.
Why does Rudy, a public finance attorney, and self-proclaimed local government guy, care so much about cybersecurity? Let’s find out.
Watch A Little Privacy, Please! on cyber risk in the municipal bond market.
Why are you, Rudy, interested in cybersecurity?
I love what I do. I love that in public finance, we help build our communities—roads, schools, bridges, hospitals—and I care about the safety of my community. And it turns out that one of the largest threats to local governments is cybercrime. Cybercriminals can take over a government and shut it down.
I’m not the only person that cares about cybersecurity. Rating agencies, which rate the underlying credit quality of local government debt, also care about municipal cybersecurity protocols. A local government’s rating could go up or down depending upon how well of a cybersecurity plan that local government has in place to deal with a cyberattack.
I care because a cyberattack could affect the borrowing rate that my clients borrow from the municipal market.
So, having great and strong cybersecurity protocols in place can lead to lower borrowing costs for local governments.
Absolutely. It definitely can lead to lower rates, which will mean lower interest rates to borrow at. That ultimately affects citizens within that local government because we are the ones that finance that local government, whether it’s through our water bills, whether that’s through our sewer bills, whether that’s through our trash bills, whether that’s through our property taxes. So, local governments need to care about cyberthreats.
Cybercriminals are targeting municipal water supplies and electrical grids. Are cyber risks being taken seriously enough by local governments and by municipalities?
I do think municipalities are taking cyber risks seriously. When working on a bond deal, we ask about cybersecurity threats as a part of our due diligence process. We hear reports about the cyberthreats municipalities observe and how their chief information officer and IT team are working with cyber professionals and attorneys to deal with potential cyberattacks.
Rating agencies, when rating a debtor, are asking questions about cybersecurity. Cybersecurity is no longer an issue that local governments and municipalities can ignore.