With over 90 thousand different state and local governments across the U.S., creating a unified approach to cybersecurity and defending all of these counties, cities, territories, states, and commonwealths is not only in each of their interests, but in the national interest as well.
In a 2021 letter to Congress, representatives from the National Governors Association, the National Association of Counties, the United States Conference of Mayors and other organizations pointed to the increasing number of ransomware attacks, noting that the evolution of cyber incidents has progressed from “digital consequences to sophisticated strikes intended to threaten the health and safety of our nation’s citizens.” And in a recent study, Sophos found that local governments were the organizations least capable of disrupting ransomware attacks, and that they were also among the ransomware victims to pay ransoms most frequently (43% paid a ransom after an incident).
A recent, high-profile event occurred on September 8, when the government of Suffolk County, Long Island was hit with a malicious ransomware attack. Multiple county agencies were affected, including the police department and the Department of Social Services. As a result, for several weeks, fax machines were dusted off, pencils were sharpened, and email became a thing of the past. More than two months later, officials are still assessing how much damage was done—something even Leslie Knope might have trouble doing.
In mid-September, the Department of Homeland Security (DHS), through the Cybersecurity and Infrastructure Security Agency (CISA), announced the implementation of the State and Local Cybersecurity Grant Program (SLCGP) and the Tribal Cybersecurity Grant Program (TCGP). This first-of-its-kind program was established by the Bipartisan Infrastructure Law and will distribute $1 billion over four years to help smaller governments address cybersecurity risks, strengthen critical infrastructure, and protect their systems against persistent threats. Congress has specified that 80% of the funds should support local governments, and at least 25% of that should be directed to rural areas.
“Cyberattacks have emerged as one of the most significant threats to our homeland,” said Secretary of Homeland Security Alejandro N. Mayorkas. “In response, we continue to strengthen our nation’s cybersecurity, including by resourcing state and local communities to build and enhance their cyber defenses. The cybersecurity grant process we are starting today is a vital step forward in this critical effort. Our approach is one of partnership, in the service of an all-of-society investment in the security of our homeland.”
Based on input from state, local and territorial leaders—and factoring in national priorities—the SLCGP has four stated objectives:
1. Implement cyber governance and planning;
2. Assess and evaluate systems and capabilities;
3. Mitigate prioritized issues; and
4. Build a cybersecurity workforce.
Each state and territory must establish a Cybersecurity Planning Committee that coordinates, develops and approves a Cybersecurity Plan in order to prioritize how funds are distributed.
This marks an important step in the growing commitment to protect the nation’s infrastructure and its economy. “As we build a better America, we’re ensuring that our infrastructure is more modern and digitally connected. But along the way, we must also take proactive steps to increase our resilience to the increasing threat of cyberattacks,” said White House Infrastructure Coordinator Mitch Landrieu.
To prevent ransomware attacks and other types of cyber intrusions on local governments, institutions must have up-to-date cybersecurity tools and cyber hygiene practices that are followed by everyone. To prevent and respond to these types of incidents, SecurityScorecard has the tools to help. Continuous monitoring in our ratings platform can identify the blind spots in your digital footprint and help protect the attack surface from every angle. In the event of a confirmed or suspected ransomware attack, our incident response and digital forensics teams provide support. Other offerings include Cyber Risk Intelligence as a Service (CRI), and our new Attack Surface Intelligence (ASI). For more information on how to better secure your organization, visit SecurityScorecard.