A recent report from the Multi-State Information Sharing and Analysis Center highlights how improvements to information-sharing and the distribution of targeted resources can help state, local, tribal and territorial governments shore up their cyber postures.
“This report outlines ongoing improvements, challenges, and priorities informed by surveys, focus groups, expert interviews, and feedback from leaders in SLTT organizations nationwide,” according to the MS-ISAC.
The MS-ISAC published the report on Feb. 27. It offers five recommendations for strengthening SLTT government risk management.
“Owners and operators of SLTT critical infrastructure wage an asymmetric war with attackers including both amateurs and sophisticated, highly resourced nation states,” the report says.
It discusses how SLTT entities “struggle with resource constraints while addressing a host of threats ranging from ransomware attacks to insider threats to supply chain attacks and more.”
First, the MS-ISAC raises the potential for “consolidated and coordinated information sharing” to keep SLTT governments up to speed on threats.
Establishing stronger info-sharing processes “requires strategic investment in real-time information sharing, consolidated platforms, whole-of-state coordination, robust federal and other collaborative partnerships, streamlined funding processes, and advanced managed detection and response (MDR) solutions,” according to the report.
The report encourages implementation through integrating regional and state-level security operations centers with national SOCs, sharing information across threat intelligence teams through fusion centers, establishing “[n]ationwide correlation of telemetry” and developing support forums among SLTT governments to foster a “collaborative approach” to cyber issues.
Another recommendation focuses on using “targeted resources and scalable solutions” to strengthen SLTT governments’ security. Investments in “low-cost, easy-to-implement tools, expanded cyber navigator programs, managed security services, and, in some cases, the development of sector-specific implementation guidance” are needed to achieve this goal, the report says.
In addition to securing specific SLTT networks, the report says these efforts can make an impact on “the broader resilience and integrity of the national cybersecurity framework” based on the “interconnectedness” of critical infrastructure.
The MS-ISAC also addresses a need to foster public trust in SLTT governments to counter foreign adversary campaigns intended to “erode confidence in our institutions or manipulate public perception.”
“Building and restoring trust in public institutions through communication and public engagement is a multifaceted endeavor that necessitates strategic efforts in open data initiatives, outreach, interactive government websites, and simplified documentation,” the report says. “By prioritizing these initiatives and ensuring the provision of critical services, SLTT entities can significantly enhance transparency, foster accountability, and engage the public more effectively.”
These efforts can “restore and sustain public trust,” according to the MS-ISAC, “ensuring that government institutions remain responsive, accountable, and aligned with the needs and expectations of their constituencies.”
The final recommendations are on mitigating insider threats and expanding workforce development initiatives.
On insider threats, the MS-ISAC recommends “implementing robust access controls, conducting regular security awareness training, deploying advanced data loss prevention technologies, enhancing network segmentation, and performing thorough background checks.”
When it comes to workforce, the report highlights the role of “investment in factors that increase workforce productivity as well as the ongoing development, recruitment, and retention of the security workforce” in delivering secure SLTT services.
SLTT government entities should focus on “expanding workforce development initiatives, implementing flexible hiring practices, increasing workforce productivity, and fostering local talent pipelines,” according to the report, in order to ensure a well-prepared cyber workforce to safeguard essential services against threats. -- Jacob Livesay (jlivesay@iwpnews.com)