Updates from the Resource Center for State Cybersecurity team, January 24, 2022
Resource Center Announcements
NGA Request for Information:
When Colorado’s Department of Transportation came under ransomware attack in 2018, its response/recovery included a successful Emergency Management Assistance Compact (EMAC) request answered by California’s Office of Emergency Services. This was the first use of EMAC for a cybersecurity mission. Has your state had occasion to consider requesting assistance under EMAC? What considerations counseled in favor or against making such a request? Please contact Steve Fugelsang here to discuss.
Kansas Cybersecurity Task Force – Final Report Published
On January 4, Kansas Governor Laura Kelly announced the release of the state Cybersecurity Task Force’s final report. The Task Force’s forty-one recommendations—organized by subject area like Cybersecurity Governance and Strategy and Incident Response Exercises and Training—include seventeen identified as critical. Kansas is among the five states that participated in NGA’s 2021 Cybersecurity Policy Academy.
Indiana’s Cybersecurity Initiatives – Recent Publications
Indiana is among the five states that participated in NGA’s 2021 Cybersecurity Policy Academy. Recent publications stemming from the work of its Indiana Executive Council on Cybersecurity (IECC) include:
- The State of Cyber Report (2017-2021), illustrating Indiana’s collaborations with public, private, academic, and military partners to strengthen its cybersecurity posture and risk environment
- The 2021 Indiana Cybersecurity Strategic Plan, featuring 134 topically organized objectives
NGA Publication on Executive Authority During Energy Emergencies
In December, the NGA Center for Best Practices published a report entitled “Executive Authority During Energy Emergencies.” The report functions as a roadmap to help Governors prepare in advance of an energy emergency (such as one precipitated by a cyberattack) to identify pertinent emergency authorities and coordinate with state, industry, and federal partners.
Cybersecurity Resources
CISA Insights on “Implementing Urgent Cybersecurity Measures Now to Protect Against Critical Threats”
CISA recently released this product, which complements the recent report “Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure.” Several entities in Ukraine have suffered a malicious cyber incident. This Insight is intended to ensure that U.S. senior leaders are equipped with the information to prevent potentially damaging cyberattacks.
Resources:
- Implementing Cybersecurity Measures Now to Protect Against Potential Critical Threats
- Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
Cyber Action Plan: Infrastructure Implementation Recommendations for State and Local Governments
In November, President Biden signed the Bipartisan Infrastructure Deal into law. This legislation features a series of cyber-related provisions as well as a new State and Local Cybersecurity Grant Program. The Information Technology Industry Council (ITIC) and BSA – The Software Alliance have each released a set of cyber policy recommendations for state and local governments as they prepare to allocate resources under this law.
Resources:
- ITI Cyber Action Plan: Infrastructure Implementation Recommendations for State and Local Governments
- Strengthening Trust and Securing Digital Transformation: States’ Essential Role in Cybersecurity
BCG Resource for State Government Cybersecurity Improvement
Click here for a resource from Boston Consulting Group (BCG) on the cybersecurity challenges facing states and strategies for navigating them. An appendix details relevant federal funding streams including the new State and Local Cybersecurity Grant Program.
Incident Reporting to U.S. CYBERCOM — “Cyber 9-Line”
The U.S. Cyber Command (CYBERCOM) welcomes efforts to integrate its Cyber 9-Line paradigm into states’ emergency cyber incident response plans, citing national security benefits including improved event detection and increased preparedness. This effort seeks to standardize and integrate state response with federal efforts, to improve real-time tracking of emerging threats. For more information, see this slide or email Steve Fugelsang.
January 26 ITI Cyber Planning Event for State and Local Governments
The Information Technology Industry Council (ITIC) will host a digital event on January 26 at 2PM ET to discuss the new infrastructure law and its effects on state and local governments. There will be a virtual discussion on pending investments in these areas. Please RSVP for the event here.
January 27 State and Local 2022 Tech Forecast: Opportunities for Growth
CompTIA Public Technology Institute and NASCIO will host their annual webinar on January 27 at 2PM ET. This event will provide an overview of coming technology issues implicating state and local governments. Please register for the webinar here.
January 27 Washington State Data Privacy Webinar
Data Privacy Day is recognized nationally and internationally on January 28 to raise awareness about the importance of privacy and safeguarding data. To celebrate and recognize the day, Washington’s Office of Privacy and Data Protection is hosting a free webinar on privacy legislation and trends at the state and federal levels on January 27 from 10 to 11AM PST. For the meeting link, please email privacy@ocio.wa.gov. The webinar will also be posted at the office’s website for those who cannot make it.
Cybersecurity News
CISA to Increase Cybersecurity Support for State Governments
CISA has added 42 new state coordinators to its team. Utilizing federal and local resources, coordinators will assist states in developing plans and creating best practices. Because state coordinators are essential to strengthening cybersecurity infrastructure, CISA has allocated $5 million for the state cybersecurity coordinators program. Please read the full article here.
U.S. Senate Passes Bill to Increase Cybersecurity Coordination Between States, DHS
On January 11, the Senate approved bipartisan legislation to increase cybersecurity coordination between the Department of Homeland Security and state and local governments. The State and Local Government Cybersecurity Act authorizes CISA to provide state and local actors resources to upgrade security tools and procedures. The bill is now under consideration in the House of Representatives. Please read the full article here.
10 Senators Request Information on Nation’s Plans for Critical Infrastructure
On January 3, 10 Senators sent a letter to the secretaries of the Department of Homeland Security and the Department of Transportation requesting an update on plans for responding to a cyberattack on the nation’s critical infrastructure. The senators’ letter seeks details on DHS and DoT plans to meet new requirements under the National Defense Authorization Act. Please read the full article here.
Senate Passes Bills Aimed at Ransomware, Data Breaches
On January 19, Pennsylvania’s state senate passed a package of legislation aimed at preventing data security breaches and requiring victims and law enforcement officials to be notified when they do happen. The first bill would require the state to strategize to prevent ransomware attacks. The second bill would require any state agency, school, or local government to notify individuals of any breach of personal information. Please read the full article here.
Maryland Officials Want Answers as Problems Persist a Month After Cyberattack
Maryland health workers are still unable to use computers following the cyberattack on Maryland’s Health Department. This roadblock is preventing both the medical response to the pandemic and routine medical responses. Lawmakers have provided the public with incomplete explanations from the administration of Gov. Larry Hogan (R). Legislative leaders have acknowledged that sensitive details may need to be handled in a closed session. Please read the full article here.
New Mexico Experiences Local Government Ransomware Attack
On January 5, Bernalillo County in New Mexico experienced the first ransomware attack of the year. The attack seemed to be directed at its computer systems, and in response the county government took all systems offline. Last year, at least 76 municipalities reported debilitating ransomware attacks. Please read the full article here.
5000 School Websites Affected by Ransomware Attack
Software provider Finalsite suffered a ransomware attack that affected the websites of about 4,500 U.S. schools. In response, the technology firm shut down and rebuilt its systems. Nationwide, remote learning has been disrupted on several occasions due to ransomware attacks, most notably Baltimore County’s public school system in November 2020. The Government Accountability Office recently called on the Department of Education to do more to protect schools. Please read the full article here.