"My initial reaction was: 'they're doomed,'" cybersecurity expert Patrick Kelley, founder of Critical Path Security, said.
Kelley said he was surprised to see funding for Atlanta Information Management drop since the 2018 ransomware attack, based on a report shared with the city's finance committee on March 30.
"Most cybersecurity plans are built on a five-year maturity model," Kelley said. "We're not even four years after the recovery of the ransomware event that cost the city millions of dollars."
Given limited resources, Kelley said local governments are already at a disadvantage compared to large corporations when it comes to technology funding.
"They have to operate with the lowest amount of money that they can possibly get," Kelley said of the challenges, "And have to do the most that they can with it."
Yet, he said resources and response time are critical. According to Kelley, it only takes five to six minutes for a ransomware attack to become catastrophic.
"My concern is with these budget reductions, they are probably going to have a catastrophic event with the next year," Kelley said.