Cybersecurity threats are steadily on the rise nationwide, not just for the business community but for state, local, and territorial (SLT) governments as well. They appear to be a sweet spot for cybercriminals, especially when it comes to ransomware attacks. That’s because today’s culprits know these operations often do not have the resources to develop, much less maintain, a comprehensive cybersecurity strategy.
Recognizing this trend, and in an effort to boost SLT governments’ cybersecurity efforts, the Department of Homeland Security (DHS) recently made an additional $374.9 million available in grant funding. It is accessible through the 2023 State and Local Cybersecurity Grant Program (SLCGP), which will provide $1 billion in funding to SLT partners over four years. In FY22, $185 million was available to reduce cyber risk and build resilience against evolving cybersecurity threats.
SLT governments have until October 6th to apply for this FY23 grant opportunity. Award recipients may use the funding for a wide range of cybersecurity improvements and capabilities, including cybersecurity planning and exercising, hiring cyber personnel, and improving the daily services that citizens rely on. Such proactive measures can go a long way toward safeguarding government operations and constituents’ personal data.
Consider the numbers: Based on publicly available reports from Emisoft, 106 state or municipal governments or agencies were affected by ransomware in 2022 (up from 77 in 2021). Data was stolen in at least 27 incidents, equating to 25 percent. Disregard one 55-county-related incident in Arkansas, and that number increases to 53 percent (up from 47 percent in 2021).
Also, consider the costs associated with ransomware attacks on SLT governments. In 2022, Quincy, Massachusetts, paid a staggering ransom demand of $500,000. So did Delaware County, Pennsylvania, in 2020. Unfortunately, others, including the cities of Baltimore, Maryland, and Atlanta, Georgia, have paid much more in both ransom and recovery; $18.2 million (2019) and $17 million (2018), respectively.
At BOLDplanning, a division of Agility, we strongly encourage your SLT government to learn more about the SLCGP. It is jointly administered by the Cybersecurity and Infrastructure Security Agency (CISA) and FEMA. Find more information and helpful resources on the SLCGP on FEMA’s webpage: State and Local Cybersecurity Grant Program | FEMA.gov.
We also encourage your SLT government to review and test its emergency, continuity, and IT disaster recovery plans. Doing so can help mitigate or remediate cybersecurity vulnerabilities, including dangerous and, oftentimes, ransomware attacks. It will also improve its resilience to natural disasters and other common hazards.
BOLDplanning blends world-class emergency, continuity, and hazard mitigation planning services with easy, accessible online software. The result is a comprehensive source for ensuring your organization is prepared for any emergency or disruption.