COMMENTARY | Federal grants worth $1 billion could position state and local governments to harden their networks and protect themselves from cyber threats. Here’s what to keep in mind.
As we’ve experienced in recent years, cyberattacks can cause devastating disruptions to lifeline services, including utilities like power and water, 911 operations, and even global supply chains that provide fuel. Increasing geopolitical tensions add a new dynamic to the cyber threat landscape, especially for countries like the United States, which may face retaliatory cyberattacks for providing support to other nations under duress from shared adversaries.
Getting the best defense means getting back to the basics. In cybersecurity, that means leveraging various tools for hardening networks, detecting malicious activity and practicing good cyber hygiene. The new, impending $1 billion cybersecurity grant program managed by the Cybersecurity and Infrastructure Security Agency, or CISA, will offer states and localities a unique opportunity to modernize their IT networks and bolster their cybersecurity posture.
The federal funding, provided by the 2021 Infrastructure Investment and Jobs Act, will also help states and localities make more meaningful progress in developing, revising and implementing their cybersecurity plans. Based on criteria laid out in the law, those plans should better position state and local government entities to:
- Manage, monitor and track state-owned information systems, applications and user accounts, including traffic flowing between them.
- Enhance the preparation, response, and resiliency of those systems, applications and user accounts against cybersecurity threats.
- Implement continuous cybersecurity vulnerability assessments and threat mitigation practices.
This is especially helpful to state and local governments that haven’t had the time or resources to dedicate toward developing these crucial plans for preparing for and managing cyber incidents.
The first round of funding, scheduled to be released sometime this year, will provide $200 million in cybersecurity grants. Additional funding will flow through fiscal year 2025 on an annual basis, with the potential to focus more on target-rich and resource-poor governments as the program is tested. CISA intends to provide an additional $80 million through the establishment of a critical infrastructure cybersecurity grant program to help state and local governments further reduce their cyber risks.
With the funding imminent, state and local governments can proactively position themselves to take advantage of it. Below are several actions they should take:
1. Coordinate with Stakeholders
Information technology and cybersecurity government officials, including chief information security officers and chief technology officers at the state, local, tribal and territorial levels, should work closely with their state administrative agencies, the designated agency responsible for overseeing the management of the grant; state-level cybersecurity agencies; and private sector partners to develop a strategy to implement a cybersecurity plan, which is a condition for the grant awards.
2. Engage Local Governments
State governments must consult with, and receive feedback from, local governments within their jurisdictions to align the state’s cybersecurity plan with local needs. Therefore, it is critical that states engage across their local units of government to assess and prioritize needs. In addition, multi-entity applications are permitted.
3. Be Vigilant
State and local government organizations should understand their cyber risks and maintain clear visibility on their security posture. Attackers often dwell in systems for extended periods of time, gathering information and preparing to strike, even outside of international crises. All organizations must proactively monitor for cyber threats and confirm their existing security tactics are updated, even at the lowest level of concern. This also will help states and localities prioritize needs by addressing vulnerabilities.
With the current war in Ukraine and continued threats of increased cyber aggression from Russia, delaying the hardening of defenses now could endanger Americans here at home should we experience disruptive or destructive cyberattacks on our critical infrastructure.
The rise of geopolitical tensions and persistent cyberattacks from nation states and criminal gangs require coordinated preparation and response efforts between the public and private sector and at all levels of government. This is a marathon, not a sprint. Are you ready?
Stacy O'Mara is the senior director for government affairs at Mandiant.