In the ongoing battle to protect our nation’s state, local, tribal, and territorial (SLTT) organizations from cyber threats, a recent report highlights the importance of regular self-assessments and the need to strengthen cybersecurity programs. As artificial intelligence progresses, cybercriminals are finding new ways to target government entities, posing challenges for those tasked with defending against these threats.
The Nationwide Cybersecurity Review (NCSR), a no-cost assessment sponsored by the U.S. Department of Homeland Security (DHS) and conducted by the Multi-State Information Sharing and Analysis Center (MS-ISAC), offers valuable insights into the cybersecurity landscape at the SLTT level. The most recent NCSR report, covering the period from October 2023 to February 2024, revealed some key findings that shed light on the current state of cybersecurity across public sector organizations.
One notable trend from the NCSR assessment was a 14% increase in participation compared to the previous year, with over 4,210 organizations completing the assessment. This growing interest in cybersecurity assessments indicates a recognition of the evolving threat landscape and the need to stay vigilant against potential cyberattacks.
The report also highlighted areas of strength and weakness in cybersecurity practices among SLTT organizations. Higher-scoring areas included identity management, access control, awareness and training, environment monitoring, and incident mitigation planning. On the other hand, lower-scoring areas included risk management activities, testing of response and recovery plans, and implementation of disaster recovery plans.
One of the key challenges identified in the report was the limited resources available to many SLTT organizations in terms of cybersecurity personnel and funding. A significant number of respondents indicated that they had fewer than five dedicated security employees, and the majority expressed concern about the lack of sufficient funding for cybersecurity initiatives.
To address these challenges and enhance their cybersecurity posture, SLTT organizations can take several proactive steps. Leveraging federally-funded services from organizations like the MS-ISAC and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) can help establish a robust cybersecurity infrastructure, with offerings such as 24/7 threat monitoring and Malicious Domain Blocking and Reporting (MDBR) to enhance threat detection and mitigation capabilities.
Additionally, establishing regular review and testing of risk management processes, incident response activities, and disaster recovery capabilities is crucial for identifying and addressing vulnerabilities. Creating clear security policies and ensuring effective communication of these policies to all stakeholders, including executives, employees, and third parties, can help promote a culture of cybersecurity awareness and compliance within the organization.
Reporting cybersecurity metrics to management or executive teams can also be instrumental in securing support and resources for future cyber investments. By aligning practices with established cybersecurity frameworks such as the CIS Critical Security Controls or NIST’s Cybersecurity Framework, organizations can streamline their security efforts and prioritize areas for improvement.
In conclusion, the NCSR report serves as a valuable resource for SLTT organizations looking to enhance their cybersecurity defenses and better understand the evolving threat landscape. By conducting regular self-assessments, prioritizing key areas for improvement, and leveraging available resources and frameworks, organizations can strengthen their cybersecurity posture and protect against the growing tide of cyber threats.