The Cybersecurity and Infrastructure Security Agency on Monday announced a $1.2 million grant to a think tank at the University of Texas at San Antonio that will launch a pilot program to help state and local governments improve the cyber defenses of their most critical systems.
Using the grant, the university’s Center for Infrastructure Assurance and Security, which studies cybersecurity and critical infrastructure, will develop methods by which state, local, tribal and territorial agencies can better identify their high-value assets, which CISA identifies as information or an IT system “so critical to an organization that the loss or corruption of this information or loss of access to the system would have serious impact to the organization’s ability to perform its mission or conduct business.”
A 2018 Department of Homeland Security directive focused on federal high-value assets urged greater malware defense, access controls, authentication protocols and network segmentation for U.S. government systems containing personally identifiable information, classified data or financial data, which are tempting targets for criminal and state-sponsored malicious actors.
The recently reported exploitation of Microsoft’s Exchange Server email program, allegedly by Chinese hackers, potentially affected tens of thousands of organizations across the United States, including many state and local governments. Many of those organizations are still evaluating their exposure to other recent hacks, like the Accellion data breach and compromise of network monitoring software from SolarWinds.
But more recently, CISA has been encouraging a High Value Asset Program for state and local governments, adapting the 2018 directive. In a recent “CISA Insights” document, the agency recommended that public sector organizations establish high-value asset governance programs of their own. Those programs, the document claims, should include evaluations of the interconnectivity of identified systems and prioritize them based on how essential they are to an agency’s mission.
In an interview Tuesday, Natalie Sjelin, associate director of training programs at the Center for Infrastructure Assurance and Security, told StateScoop the CISA grant will be used to make the 2018 DHS guidance fit the size and needs of state and local entities.
“What we’re doing is taking that guidance and making it more scalable and flexible so the state, tribal, territorial and local governments can actually look at it and utilize it,” she said. “We’re looking at all the way from rural most small town, and how does the guidance fit them and benefit them, to the most robust state.”
Sjelin said her group’s research will look to help state and local agencies identify the assets that “could impact health and safety, prevent injury or protect property,” and that would therefore be the most impactful if they fell victim to a cyberattack.
“Cyberattacks are going to continue to come, and they’re getting more sophisticated all the time,” she said. “If it impacts those critical systems, that’s worse. The idea behind this is that these attacks continue to happen, we want to to a point that anything is preventable.”
Over two years, UTSA researchers will use the grant money to develop best practices for state and local agencies identifying, categorizing and prioritizing high-value assets.
The center’s team includes 22 full-time staff, Sjelin said, plus a roster of part-time cybersecurity professionals who will be part of the high-value asset project, serving as subject matter experts and interviewing state and local officials.