Municipal Cybersecurity Toolkit
Resources to Support Municipal Cyber Resiliency
To prepare for National Cybersecurity Awareness Month 2022, in August 2022 CyberSC developed a toolkit to help municipal leaders understand the cybersecurity posture of their municipality and figure out next steps for protecting their municipal infrastructure against cyber threats.
The intent is to provide guidance and action steps necessary to get the conversation started around cybersecurity preparedness and ultimately protect municipal infrastructure against cyber threats before they occur.
Getting Started
1. Why Cybersecurity?
Municipal Operations & Finance
Public Safety
2. What is Cybersecurity?
Ransomware3. How Do I Prepare?
Achieve a Minimum Baseline of Cybersecurity
Business Planning
| Getting Started: Conversations to have with Business Process Owners and IT Staff |
Sets of questions for municipal leaders for conversation with Business Process Owners, IT Staff, and Service Providers to assess cybersecurity preparedness and to consider next steps in developing a plan. |
| Cyberplanner Tool for Creating a Custom Cybersecurity Plan |
Tool for creating a custom cybersecurity plan with expert advice to address specific business needs and concerns. |
| Considerations for Business Impact Analysis |
This article outlines the steps and considerations of a Business Impact Analysis, including the consequences of a business function disruption and the information needed to develop recovery strategies. |
| Business Impact Analysis - Guide and Template |
Guide for Agencies to conduct Business Impact Analysis with Step-by-Step guidance and a template. https://www.oregon.gov/das/Procurement/Guiddoc/BusImpAnalysQs.doc |
| Contingency Planning Guide and Process Template (NIST SP 800-34) |
Guide with instructions, recommendations, and considerations for IT contingency planning - interim measures to recover IT services after an emergency or system disruption. https://csrc.nist.gov/publications/detail/sp/800-34/rev-1/final |
| FEMA Business Impact Analysis Worksheet |
Business Impact Analysis - FEMA Quick Reference Template. https://www.fema.gov/sites/default/files/2020-07/fema_BIA-Risk-Management-Worksheet.pdf |
Ransomware
| CISA Insights - Ransomware Outbreak |
This CISA bulletin lays out three sets of straightforward steps any organization can take to protect themselves or recover from a ransomware attack. https://www.us-cert.gov/sites/default/files/2019-08/CISA_Insights-Ransomware_Outbreak_S508C.pdf |
| CISA Security Tip - Protecting Against Ransomware |
Tip Sheet with recommendations for protecting against ransomware. |
| Incidents of Ransomware on the Rise - Protect Yourself and Your Organization |
Article about ransomware with Tips for Dealing with Ransomware Threat. |
| MS-ISAC Security Primer on Ransomware | https://www.cisecurity.org/white-papers/security-primer-ransomware/ |
| NASCIO Cyber Disruption Planning Guide | https://www.nascio.org/wp-content/uploads/2019/11/NASCIO_CyberDisruption_072016.pdf |
| Ransomware explained: How it works and how to remove it |
Despite a recent decline, ransomware is still a serious threat. Here's everything you need to know about the file-encrypting malware and how it works. https://www.csoonline.com/article/3236183/what-is-ransomware-how-it-works-and-how-to-remove-it.html |
| STOP RANSOMEWARE |
The U.S. Government's official one-stop location for resources to tackle ransomware more effectively. |
| U.S. Small Business Association RANSOMWARE FACTS & TIPS |
As technology evolves, the prevalence of ransomware attacks is growing among businesses and consumers alike. It’s important for digital citizens to be vigilant about basic digital hygiene in an increasingly connected world. This fact sheet explains what ransomware is and what you can do about it. |
General Resources
| Cybersecurity is Everyone's Job |
Everyone in a local government has an important role to play in helping to minimize cybersecurity risks. |
| Online Cybersecurity Safety Basics |
Free online security tips and resources. https://staysafeonline.org/stay-safe-online/online-safety-basics/ |
| Center for Internet Security (CIS) | https://www.cisecurity.org/ |
| Cybersecurity and Infrastructure Security Agency (CISA) | https://www.cisa.gov/ |
| Department of Homeland Security (DHS) | https://www.dhs.gov/ |
| Federal Bureau of Investigations (FBI) | https://www.fbi.gov/investigate/cyber |
| Federal Communications Commission (FCC) |
Helps organizations create and save a custom cybersecurity plan quickly to address specific business needs and concerns. |
| Federal Trade Commission (FTC) | https://www.ftc.gov/tips-advice/business-center/small-businesses/cyberse... |
| How to Recognize and Avoid Phishing Scams |
FTC Tip Sheet on how to recognize and avoid phishing scams. https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams |
The SC Cyber Association , a 501(c)(6) non-profit that provides professional development and connection opportunities in the Palmetto State. |
The SC Cyber Foundation , a 501(c)(3) non-profit that provides funding for cyber education in the Palmetto State. |
CyberSC is a member affiliate of CyberUSA |
.png){kind=small}
Campaign #1: Savannah River Middle Schools STEM/Cyber Kits
Goal: $50,000.00
Collected: $1,096.00
2%
|