IT Security - Government
Please use the follow resources to help educate and understand cybersecurity specific to local government!
- Multi-State Information Sharing and Analysis Center (MS-ISAC): The MS-ISAC is federally funded by Homeland Security CISA and a division of the Center for Internet Security (CIS). The MS-ISAC is autonomously guided by the Executive Committee and member organizations. The mission of the MS-ISAC is to improve the overall cybersecurity posture of U.S. State, Local, Tribal, and Territorial (SLTT) government organizations through coordination, collaboration, cooperation, and increased communication. MS-ISAC (cisecurity.org)
- CIS Critical Cybersecurity Controls: The CIS Critical Security Controls (CIS Controls) are a prioritized set of Safeguards to mitigate the most prevalent cyber-attacks against systems and networks. They are mapped to and referenced by multiple legal, regulatory, and policy frameworks. CIS Critical Security Controls (cisecurity.org)
- Homeland Security CISA Recommendations: CISA recommends all organizations—regardless of size—adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets. Recognizing that many organizations find it challenging to identify resources for urgent security improvements, we’ve compiled free cybersecurity services and tools from government partners, and industry to assist. Shields Up | CISA
- Ransomware 101 and Response: Ransomware is an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. Ransomware actors often target and threaten to sell or leak exfiltrated data or authentication information if the ransom is not paid – more ransomware resources
- Resource Guide for Governors and Elected Officials: Cyber Incident Resource Guide for Governors (cisa.gov)
- MS-ISAC Membership & Services: Membership in the Multi-State ISAC is open to employees or representatives from all 50 states, the District of Columbia, U.S. Territories, local and tribal governments, public K-12 education entities, public institutions of higher education, authorities, and any other non-federal public entity in the United States of America. This is always a free and voluntary membership for all these eligible organizations. MS-ISAC Registration (cisecurity.org) AND MS-ISAC Services (cisecurity.org)
- National Cybersecurity Review (NCSR): The NCSR is a no-cost, anonymous, annual self-assessment. All states (and agencies), local governments (and departments), tribal nations, and territorial (SLTT) governments are encouraged to participate. It is designed to measure gaps and capabilities of SLTT governments’ cybersecurity programs and is based on the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF). Using the results of the NCSR, DHS delivers a bi-yearly anonymous summary report to Congress providing a broad picture of the cybersecurity maturity across the SLTT communities. The NCSR is hosted on a secure GRC software platform. Nationwide Cybersecurity Review (NCSR) (cisecurity.org)
- Free Online Training: The Federal Virtual Training Environment (FedVTE) provides free online cybersecurity training to federal, state, local, tribal, and territorial government employees, federal contractors, and US military veterans. FedVTE Login Page (usalearning.gov)
- Cyber Hygiene Vulnerability Scanning: Vulnerability scanning helps secure internet-facing systems from weak configurations and known vulnerabilities and encourages the adoption of best practices. Once initiated, this service is mostly automated and requires little direct interaction. CISA performs the vulnerability scans and delivers a weekly report. Free Cybersecurity Services and Tools | CISA
- Cyber Essentials Toolkits: The Cyber Essentials Toolkit is a set of modules designed to break down the CISA Cyber Essentials into bite-sized actions for IT and C-suite leadership to work toward full implementation of each Cyber Essential. Cyber Essentials Toolkits | CISA
- Election Security Tools & Resources: CIS and the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) provide many resources to support the cybersecurity needs of the election community. The resources below include guidance on security best practices developed by a global community of cybersecurity experts, that are tailored for the unique nature of election security. Election Security Tools & Resources (cisecurity.org)
- Additional CISA Resources: The resources below are available to State, local, tribal, and territorial governments. Resources have been aligned to the five Cybersecurity Framework Function Areas. Some resources and programs align to more than one Function Area. Resources for State, Local, Tribal, and Territorial (SLTT) Governments | CISA
- CISA Region 5 Information: Includes Illinois, Indiana, Michigan, Minnesota, Ohio, and Wisconsin Region 5 | CISA
Educate Others on Cybersecurity
The CISA Cybersecurity Awareness Program is a national public awareness effort aimed at increasing the understanding of cyber threats and empowering the American public to be safer and more secure online. Cybersecurity is a shared responsibility. We each have to do our part to keep the Internet safe. When we all take simple steps to be safer online, it makes using the Internet a more secure experience for everyone.
Cybersecurity Awareness Month is in October every year!