Whether critical infrastructure, healthcare, tech, or local municipalities, a new study has ranked the most vulnerable cities across the nation when it comes to handling a cyberattack.
It appears not all US metro areas are equally prepared to handle the uptick in cyber threats sweeping the nation, according to a new report by Frontegg, an identity and account management firm that has done the tedious work of determining which US cities are most at risk.
“Some cities are becoming hotspots for cyber threats because their defenses aren’t scaling with their digital growth,” Frontegg points out.
“When critical industries expand faster than the cybersecurity teams meant to protect them, vulnerabilities multiply. The result is a wider attack surface, more pressure on internal teams, and more opportunities for breaches,” it said.
To come up with the “Digital Risk Index” ranking of the 55 metro areas, Frontegg researchers analyzed four different criteria:
- number of cybersecurity workers
- Number of job openings
- high-risk industry density
- State-level breach frequency
So which cities are the most vulnerable?
When it comes to the number of cybersecurity workers per 100,000 residents, the study found two California metropolitan areas most at risk: the centrally located Fresno, and the Riverside-San Bernardino-Ontario region, which is considered the 12th largest metropolitan area in the US. Ranking number three is the Tulsa metro area in Oklahoma.
Frontegg notes that California leads the index risk, with 7 of the top 10 most at-risk cities for cyberattacks, with Fresno having only 49 cybersecurity workers per 100K, the lowest in the nation.
When it comes to the number of cybersecurity job openings (also per 100K residents), the Washington, DC metro area has the highest cybersecurity job vacancy rate, with 947 openings per capita.
This also includes the metro areas of Arlingrton and Alexandria, Virginia, both located just outside the nation’s capital.
The Baltimore, Maryland metro comes in at the second most at risk with 487 job openings, and California’s San Jose region ranking third at risk with 310 openings per capita.
Moving on to the areas most at risk due to the “heavy footprint of high-risk industries” we see the Los Angeles and San Francisco regions coming in as the top two risk spots hosting an average of about 2300 companies each.
Fresno, California (again) ranks at number three for most at-risk with just over 1900 companies across the region, with high-risk industries including the nunber of private tech, healthcare, and finance companies per capita.
The study states that the presence of these industries “creates chronic pressure on existing defenses.”
Finally, the report ranked the most at-risk areas using data from the state level based on the number of breaches per 100K residents. The top three, ranked in order, Washington, DC, Massachusetts, and Oregon.
Washington, DC, which houses the federal government, had at least 34 incidents per 100,000 residents, attributed to either its “high concentration of valuable targets or lagging cybersecurity defenses,” Frontegg said.
For cities in Massachusetts and Oregon, “a consistent pattern of breaches may point to deeper infrastructure gaps, outdated systems, or insufficient cybersecurity investment, any of which can leave sensitive assets exposed,” it said.
The statistics analyzed in the study were taken over a 12-month period from September 2023 through August 2024. For the full list, you can check it out here.
Your email address will not be published. Required fields are markedmarked