December 15, 2021
Local governments throughout Michigan have been targets of ransomware, phishing, malware, and data breaches. Thus far, the attacks have been contained and not shut down any vital systems or made national headlines; however, the attackers become more sophisticated in their methods every day. You don’t want to be the first Michigan municipality to make national news due to a cybersecurity attack.
An easy way to improve your cybersecurity is by taking advantage of the State of Michigan pre-qualified program providing an independent assessment for local public entities. This assessment (jointly completed by an independent assessor and local entity staff) quickly identifies your most critical vulnerabilities and recommends steps to address them. The program includes:
As mentioned above, the program also includes an incident response plan. A plan ensures that in the event of a security breach, the right people are in place at the right time with the right procedures to deal with the threat effectively. Let’s face it, having a cyber-attack is daunting for the most experienced team; thus, it is critical that under the pressure of an incident, correct decisions are made to bring the situation under control. If the response is not orchestrated or information is “leaked” to outside sources, the outcome could be disastrous.
Typically, the high-level incident response plan contains:
How an incident is defined, categorized, and declared
Who participates in cyber incidents?
The roles and responsibilities of each of the participants. Identify a spokesperson and escalation path(s)
The types of decisions the participants are required to make
A plan ensures that a structured investigation can provide a targeted response to contain and remediate the threat. It also provides a basis for improvement after the attack to apply lessons learned.
You can take advantage of this contract to improve your security posture through these two easy steps:
Dewpoint is uniquely qualified to assist municipalities with cybersecurity assessments and follow-up due to our experience with local governments. In 2005, we established a separate service offering focusing on the public sector to address the unique client needs. In addition, as a full-service IT company, we have certified experts in security, network, infrastructure, and applications to take a holistic view of your environment. Contact us today to get a quote to take advantage of the prequalified program.