Michigan Local Governments – Cyber Targets
Local governments throughout Michigan have been targets of ransomware, phishing, malware, and data breaches. Thus far, the attacks have been contained and not shut down any vital systems or made national headlines; however, the attackers become more sophisticated in their methods every day. You don’t want to be the first Michigan municipality to make national news due to a cybersecurity attack.
An Easy Way to Increase your Cybersecurity Posture
An easy way to improve your cybersecurity is by taking advantage of the State of Michigan pre-qualified program providing an independent assessment for local public entities. This assessment (jointly completed by an independent assessor and local entity staff) quickly identifies your most critical vulnerabilities and recommends steps to address them. The program includes:
- Detailed findings report from the initial assessment
- Monthly one-hour coaching session to ensure you are on the right path in addressing the vulnerabilities and discuss any new issues
- Annual cybersecurity prioritized improvement plan including a timeline
- Basic cyber incident response plan
- End of the year assessment to report on progress
- Final evaluation comparing the improvement plan goals and recommendations to the current security posture
An Incident Response Plan to Address the Unexpected
As mentioned above, the program also includes an incident response plan. A plan ensures that in the event of a security breach, the right people are in place at the right time with the right procedures to deal with the threat effectively. Let’s face it, having a cyber-attack is daunting for the most experienced team; thus, it is critical that under the pressure of an incident, correct decisions are made to bring the situation under control. If the response is not orchestrated or information is “leaked” to outside sources, the outcome could be disastrous.
Typically, the high-level incident response plan contains:
CategorizationHow an incident is defined, categorized, and declared
ParticipantsWho participates in cyber incidents?
Roles and ResponsibilitiesThe roles and responsibilities of each of the participants. Identify a spokesperson and escalation path(s)
DecisionsThe types of decisions the participants are required to make
A plan ensures that a structured investigation can provide a targeted response to contain and remediate the threat. It also provides a basis for improvement after the attack to apply lessons learned.
Links to access the program
You can take advantage of this contract to improve your security posture through these two easy steps:
- Click here to learn more about the Independent Cybersecurity Assessments for Local Public Entities in Michigan
- To view the pre-qualified vendor list, click here.
How Dewpoint Can Help You
Dewpoint is uniquely qualified to assist municipalities with cybersecurity assessments and follow-up due to our experience with local governments. In 2005, we established a separate service offering focusing on the public sector to address the unique client needs. In addition, as a full-service IT company, we have certified experts in security, network, infrastructure, and applications to take a holistic view of your environment. Contact us today to get a quote to take advantage of the prequalified program.