Security

State and Local Governments Eye Collective Cybersecurity Measures

A number are bringing efforts under one umbrella to ensure public sector resources remain safe.

John Powers is a Senior Business Development Strategist for Public Safety with CDW•G.

In March, concerned economic sanctions the United States had placed on Russia following its Ukraine invasion might prompt a retaliatory cyberattack, President Joe Biden urged the private sector to shore up its security posture — and reportedly also advised state governors and local officials to safeguard critical infrastructure oversight and establish incident response plans.

In the subsequent months, a number of state and local governments announced plans to create and expand collaborative cybersecurity efforts — which can provide a valuable framework to help all involved parties proactively prepare to address future cyberthreats and attacks.

In February, New York state launched the Joint Security Operations Center (JSOC). It’s a new cybersecurity hub located in Brooklyn staffed by NYC Cyber Command, the department that coordinates cyber defense across New York City’s agencies and offices; federal and state law enforcement entities; and local and county government representatives.

While government agencies in New York had historically treated cybersecurity efforts as separate, individual initiatives, state leadership said earlier this year that stance “is no longer optimal” because the frequency and sophistication of today’s cyberattacks require a more comprehensive approach.

Discover expert security resources from StateTech by clicking on the banner below.

Working Together Can Mount a Stronger Defense

At the JSOC’s opening, New York Gov. Kathy Hochul cited the increasingly volatile geopolitical circumstances surrounding Russia and Ukraine as one of the catalysts for the collaboration among New York’s city, state and local governments — which she said would include trainings, tabletop exercises and other educational opportunities for regional, state and municipal leaders.

The new center will also help officials monitor potential threats in real time by centralizing telemetry data, according to a press release from New York City Mayor Eric Adams’ office.

In addition to the new facility, Hochul has proposed a $62 million 2023 fiscal year cybersecurity budget for the state, which would include a $30 million shared services program designed to help local governments implement cybersecurity services to increase their level of defense.

Other states have also announced they’re working with local government entities to enhance tech attack precautions and response.

Iowa, for instance — which currently provides services ranging from security monitoring to malware detection in some form to its 99 counties — recently said it will relaunch its cybersecurity operations center to provide round-the-clock cyber monitoring services and increased threat visibility for local governments within the state.

This year, Massachusetts also expanded the municipal cybersecurity program it introduced in 2019, which funds training for municipality and public school employees through grants. The updated cybersecurity prevention training the state is providing now includes cyberattack simulations.

Combined Actions Should Streamline and Strengthen Reach

In recent years, a number of cities and counties have experienced cyberattacks — 204 in the past 24 months alone, according to one estimate.

While some — such as Baltimore, which fell victim to ransomware in 2019 and had a 911 system breach in 2018 — may seem like obvious targets due to their size, hackers are also seeking out smaller areas. In Collierville, for instance, a 50,000-person town in Tennessee, municipal services such as the public library had to operate offline for several days after a 2019 ransomware attack.

In cyber incidents, a speedy response is crucial to reduce the potential damage.

DIVE DEEPER: How governments can improve cybersecurity tools and incident response efforts.

Due to manpower and budgetary constraints, smaller local governments may not be able to fully staff dedicated response teams or implement all available defense technologies and techniques, which can make them easier and more attractive attack targets.

Funding from 2021’s Infrastructure Investment and Jobs Act, which allotted $1 billion for cybersecurity-related state and local government tech improvements over the next few years, may eventually help local and other government organizations enhance their overall security capabilities.

As of today, though, 58 percent of local government IT executives say their organization’s budgets can’t adequately support security and cloud initiatives.

How Proper Incident Response Can Protect Governments

Collective cybersecurity efforts can provide assistance and resources to help fill in local government coverage gaps — offering a centralized repository of emerging cyberthreat updates from sources such as software manufacturers, for example, which can be time-consuming for smaller government agencies to compile on their own.

Statewide cybersecurity programs can also supply recommended protocols and procedures — a standard but critical component in law enforcement and many other public sector operations — which can position agencies to deal with cybersecurity threats swiftly and effectively.

EXPLORE: Election security and infrastructure solutions to combat increasing threats.

Identifying a cybersecurity point of contact within a local agency, and having that individual pursue training to be able to accurately understand and convey pertinent information, can help expedite communication during cyber incidents.

Governments should be aware, however, that even with clearly outlined response steps and contacts, interconnected networks and IT programs pose a risk for attacks to quickly spread to other government bodies.

In case one or more of the entities a government agency might rely on for assistance is also shut down by a cyberattack, state and local leaders may want to consider building redundancies into their defense and response plans. This will help prevent agencies from spending additional time tracking down an alternative option to help investigate, safeguard and restore operations.

This article is part of StateTech’s CITizen blog series. Please join the discussion on Twitter by using the #StateLocalIT hashtag.