Some Good Cybersecurity News: Increased Funding for State and Local Cybersecurity
There’s generally no shortage of bad, worrisome, and even scary cyber related news. So it’s always great to see some good cyber news, like this recent headline at The Record:
It’s a sad reality that many cyber attackers, especially those behind many of the most damaging ransomware attacks, don’t have many boundaries when it comes to choosing their targets. They’re also not known for having a great deal of concern about potential impacts that cause disruption to people’s lives and even risks to their safety. This is reflected in data that shows that cyber attacks against municipalities and healthcare organizations have been on the rise over recent years.
Many cities have been victims of ransomware attacks that caused outages and disruptions that lasted from days to months. Hospitals may have been even more heavily targeted. Two very recent examples here in the US are ransomware attacks on the city of Dallas, Texas and against hospitals across several states, which caused emergency room to be closed and ambulances to be diverted.
On to the good news now. The $375 million funding mentioned in the headline is an increase of almost $100 million over the first year’s grant to the State and Local Cybersecurity Grant Program (SLCGP). CISA’s article on this new funding states that The State and Local Cybersecurity Grant Program was created under the Bipartisan Infrastructure Investment and Jobs Act and provides $1 billion in funding to SLT partners over four years.
CISA (the Cybersecurity and Infrastructure Security Agency) and FEMA (The Federal Emergency Management Agency) are partnering in these efforts to support the mission of the SLCGP:
With this funding, the Department of Homeland Security reinforces our commitment and partnership to help ensure our state, local and territorial (SLT) government partners can build the cyber capabilities that they need.
This is great news for at least a couple of reasons. First and foremost, it’s great to think that more financial and human resources can be allocated to these essential areas. This also supports the idea that bolstering our national cybersecurity strength goes beyond just looking at federal agencies and critical infrastructure entities. CISA’s director, Jen Easterly, mentioned the need for a new model of sustainable cybersecurity in her foreword to Rick Howard’s excellent book Cybersecurity First Principles. Here’s a little more from that Foreword:
Today, giving our complex, dynamic, and highly interconnected environment, boards and company leadership must now consider the broader picture and the critical role they play in their companies and in society's resilience.
These words were aimed at enterprise level companies and boards, but I think they fit just as well, or are even more applicable to our healthcare organizations and cities.