Security

Whole-of-State Cybersecurity as a Smarter Way To Scale

Small municipalities and school districts boost cyber resilience through shared services that centralize tools and expertise.

John Wilson

John Wilson is director of sales for state and local government, education, and health care at SolarWinds.

Within the public sector, small municipalities and school districts are getting hit by cyberattacks on a weekly basis, and most do not have the staff or tools to defend themselves. This makes them some of the most vulnerable targets for cyberattacks in the public sector. In fact, according to data from the U.S. Department of Education, school districts across the country face an average of five cyber incidents per week.

While the resources may be smaller in scale when compared to larger targets, the data — such as names, addresses and other personally identifiable information — is just as valuable. To mitigate this gap between threat and resources, more municipalities and school districts are adopting a whole-of-state cybersecurity strategy. This strategy, in which states bring centralized visibility and standardized defenses to all public organizations, allows school districts and municipalities to benefit from stronger security, faster response and optimization of their limited resources.

Click the banner below for insights into operational technology security.

x_security_q325_animated_click_desktop_01

x_security_q325_animated_click_mobile_01

Navigating Limited Resources With Shared Services

For most small-scale public sector organizations, limited resources manifest as a small (or no) IT team, few cybersecurity tools and a dearth of cybersecurity expertise. This lack of resources is usually due to limited budgets and workforce shortages. Simultaneously, small towns lean on complex hybrid IT environments to effectively govern and educate. Hybrid IT environments make it harder for these organizations to implement proper observability functions and other practices that are necessary for sufficient cybersecurity measures.

Further, more public sector organizations are implementing artificial intelligence into their daily tasks, which, despite the vast benefits of AI, presents another level of cybersecurity risks into the equation.

In fact, according to data from a recent public sector survey, 4 in 10 public sector IT leaders are concerned about potential risks associated with adopting AI, including data privacy and compliance concerns. A lack of cybersecurity resources combined with a complex IT system creates the perfect formula for successful cyberattacks.

When these successful cyberattacks occur, they can have effects that range from personal damage to critical infrastructure damage. For example, a successful attack on a local public safety department can hamper an agency’s ability to respond to an emergency. If a school falls victim to a ransomware attack, it could not only halt teaching for the day but also expose the personal data of minors.

It’s also important to note that when cities and districts fall victim to attacks, it could take longer to remediate them due to the same lack of resources that likely led to a successful attack in the first place. In some cases, small municipalities may not even know they’re under attack until it’s too late.

Turning to Whole-of-State Cybersecurity To Cover Gaps

Whole-of-state cybersecurity strategies establish a collective security posture strong enough to deter, battle and recover in the face of cyberattacks. Proper whole-of-state strategies often tap into the more extensive resources of state governments to share high-level tooling and access to expertise that can help establish this necessary security posture.

For example, in a centrally funded model, the state gives every district and municipality the same monitoring, tooling and playbooks. The state security operations center watches 24/7, and when something happens at a small district, staffers catch it, contain it and push the fix statewide in real time. One hit doesn’t become 20, and everyone benefits from the same level of visibility and response.

In addition to tooling, whole-of-state strategies also involve establishing true multiagency and multidepartment partnerships. This means that state agencies, local municipalities and school districts collaborate on cybersecurity initiatives and share relevant data to empower cybersecurity at all levels. This requires regular communication between all parties, such as monthly or quarterly meetings.

The state of Tennessee provides a good example of a longstanding whole-of-state cybersecurity approach. The state maintains relationships with national organizations — such as the National Association of State Chief Information Officers — that are committed to the cybersecurity health of local public organizations. Tennessee also exemplifies a true multiagency partnership. For example, the state has worked with the Tennessee National Guard to help with cyberattack mitigation and response.

It’s important for states to understand that whole-of-state efforts are not solely for the benefit of school districts and small municipalities. When threat actors are able to successfully infiltrate these institutions, it opens avenues for them to infiltrate larger, state-based IT systems. It could also allow them to impact local functions that affect state infrastructure. When the smallest, most vulnerable institutions are safe from cyberattacks, it enables a complete security posture for the entire state and all entities within it.

pixdeluxe/Getty Images