The Whole of State program is now providing State and Local Cybersecurity Grant Program funds to measure the cybersecurity health of city and local agencies. Find out the three key areas you need to focus on to make it a success for your community.<\/p>\n

\u200b[[{“value”:”<\/p>\n

State and local organizations provide services which are the foundation upon which our society operates.<\/em>\u00a0 This same foundation is at risk for cybersecurity incidents, so the federal government is providing grants via the State and Local Cybersecurity Grant Program (SLCGP) to support the cybersecurity health of city and local agencies. The SLCGP will provide $1B from FY22-25. States will administer the funds and determine a plan to implement and maintain security offerings. This program is known as \u201cWhole of State\u201d.<\/em><\/p>\n

Considerations for Whole of State Program Success<\/h2>\n

When states implement a \u201cWhole of State\u201d program, there are operational, funding, and security items that must be considered to ensure its success.<\/p>\n

Operational<\/strong><\/p>\n

Local organizations often lack the capacity to take on additional cybersecurity responsibilities and will need help to implement and maintain security solutions. Many states are remedying this by using partnerships with public and private service providers. Network providers, fusion centers, solutions vendors, private service providers and others are being considered in the delivery of these solutions and services.<\/p>\n

Operationally, there is so much variation in what security support local organizations need that a single security solution will rarely be sufficient. For example, some may need multi-factor authentication (MFA), while others may need Extended Detection and Response (XDR) capabilities. As a result, states are looking at multiple providers for a given solution, or multiple solutions from a given provider, to allow as much flexibility as possible. This allows local governments to have autonomy in selecting the kinds of security solutions or services that best fit their needs.<\/p>\n

<\/a><\/p>\n

Funding<\/strong><\/p>\n

The SLCGP encourages governments to invest in cybersecurity programs that will collectively raise the security maturity levels of state and local organizations. In doing so, state governments will need to assign resources to handle planning of fund distribution, managing associated purchasing vehicles, and monitoring the use of funds to make sure they\u2019re achieving the desired outcomes.<\/p>\n

Elected officials are under pressure to proactively address cybersecurity threats, but there may be other legislative priorities that pull resources away from any programs. Also, since the grant expires in FY25, there must be a future funding model that continues support for the ongoing operational costs that will exist past that time.<\/p>\n

Since states don\u2019t want to create new purchasing vehicles to administer the SLCGP funds, they\u2019re finding that the most effective way to use the funds is by interagency reimbursements for qualifying local purchases. Leveraging existing purchasing agreements with vendors will also allow states to have economies of scale to get the lowest possible price, without needing a new purchasing vehicle.<\/p>\n

Security<\/strong><\/h3>\n

SLCGP funding is to be used to improve ransomware defenses and overall cyber-resilience of state and local organizations. States are planning to use the funds for awareness and workforce development training, MFA and XDR, and improving their state-level incident response capabilities.<\/p>\n

Sometimes, the state CISO and security team are a core member of the program team, supporting local governments or state security operations centers. More often, the state security team is not operationally involved. Instead the state will use other partners to implement and maintain a solution.\u00a0 Regardless, security solutions already in use by the state can influence plans for state and local organizations \u2013 providing the opportunity to leverage known partnerships and proven toolsets for better efficiencies.<\/p>\n

Lastly, there is the issue of Cybersecurity Education. It has three components:<\/p>\n

General awareness for government employees and sometimes state residents
\nInternships and training for cybersecurity professionals
\nK12 and Higher Education training partnerships.<\/p>\n

States are looking to their public education institutions to provide the training needed. The good news is that SLCGP funding can assist in this area by providing teacher training and curriculum development.<\/p>\n

Whole of State and Cisco<\/h2>\n

Cisco can leverage its global insights, trusted expertise in government, and portfolio scale to provide security solutions across all elements of a state and local ecosystem. Cisco understands the unique needs of the public sector and brings to bear security products designed to address the primary threats facing our customers. To deliver the best outcomes for the SLCGP program, Cisco recommends:<\/p>\n

Engaging across local governments to leverage economies of scale for core security product
\nAddress biggest threats first \u2013 likely ransomware \u2013 to ensure resiliency
\nConsider a consortium of partners to ensure successful implementations of security services.<\/p>\n

Additional Resources for Whole of State<\/h2>\n

eBook: The Guide to Modern, Efficient Cybersecurity for Government<\/a>
\nStateRAMP: Understanding Authorization of Cisco\u2019s Security Solutions<\/a>
\nExplore solutions for state and local government at com\/go\/slg<\/a><\/p>\n

\n\t\tShare\n

\n

<\/div>\n<\/div>\n

\n

\n\t\t<\/a>\n\t<\/div>\n<\/div>\n

\n

\n\t\t<\/a>\n\t<\/div>\n<\/div>\n

\n

\n\t <\/a>\n\t<\/div>\n<\/div>\n<\/div>\n

Share:<\/div>\n

\n

\n

<\/div>\n<\/div>\n

\n

\n\t\t<\/a>\n\t<\/div>\n<\/div>\n

\n

\n\t\t<\/a>\n\t<\/div>\n<\/div>\n

\n

\n\t <\/a>\n\t<\/div>\n<\/div>\n<\/div>\n

“}]]\u00a0\u00a0The Whole of State program is now providing State and Local Cybersecurity Grant Program funds to measure the cybersecurity health of city and local agencies. Find out the three key areas you need to focus on to make it a success for your community.\u00a0\u00a0Read More<\/a>\u00a0Cisco Blogs\u00a0<\/p>","protected":false},"excerpt":{"rendered":"

<\/p>\n

The Whole of State program is now providing State and Local Cybersecurity Grant Program funds to measure the cybersecurity health of city and local agencies. Find out the three key areas you need to focus on to make it a success for your community.<\/p>\n

\u200b[[{“value”:”<\/p>\n

State and local organizations provide services which are the foundation upon which our society operates.<\/em>\u00a0 This same foundation is at risk for cybersecurity incidents, so the federal government is providing grants via the State and Local Cybersecurity Grant Program (SLCGP) to support the cybersecurity health of city and local agencies. The SLCGP will provide $1B from FY22-25. States will administer the funds and determine a plan to implement and maintain security offerings. This program is known as \u201cWhole of State\u201d.<\/em><\/p>\n

Considerations for Whole of State Program Success<\/h2>\n

When states implement a \u201cWhole of State\u201d program, there are operational, funding, and security items that must be considered to ensure its success.<\/p>\n

Operational<\/strong><\/p>\n

Local organizations often lack the capacity to take on additional cybersecurity responsibilities and will need help to implement and maintain security solutions. Many states are remedying this by using partnerships with public and private service providers. Network providers, fusion centers, solutions vendors, private service providers and others are being considered in the delivery of these solutions and services.<\/p>\n

Operationally, there is so much variation in what security support local organizations need that a single security solution will rarely be sufficient. For example, some may need multi-factor authentication (MFA), while others may need Extended Detection and Response (XDR) capabilities. As a result, states are looking at multiple providers for a given solution, or multiple solutions from a given provider, to allow as much flexibility as possible. This allows local governments to have autonomy in selecting the kinds of security solutions or services that best fit their needs.<\/p>\n

<\/a><\/p>\n

Funding<\/strong><\/p>\n

The SLCGP encourages governments to invest in cybersecurity programs that will collectively raise the security maturity levels of state and local organizations. In doing so, state governments will need to assign resources to handle planning of fund distribution, managing associated purchasing vehicles, and monitoring the use of funds to make sure they\u2019re achieving the desired outcomes.<\/p>\n

Elected officials are under pressure to proactively address cybersecurity threats, but there may be other legislative priorities that pull resources away from any programs. Also, since the grant expires in FY25, there must be a future funding model that continues support for the ongoing operational costs that will exist past that time.<\/p>\n

Since states don\u2019t want to create new purchasing vehicles to administer the SLCGP funds, they\u2019re finding that the most effective way to use the funds is by interagency reimbursements for qualifying local purchases. Leveraging existing purchasing agreements with vendors will also allow states to have economies of scale to get the lowest possible price, without needing a new purchasing vehicle.<\/p>\n

Security<\/strong><\/h3>\n

SLCGP funding is to be used to improve ransomware defenses and overall cyber-resilience of state and local organizations. States are planning to use the funds for awareness and workforce development training, MFA and XDR, and improving their state-level incident response capabilities.<\/p>\n

Sometimes, the state CISO and security team are a core member of the program team, supporting local governments or state security operations centers. More often, the state security team is not operationally involved. Instead the state will use other partners to implement and maintain a solution.\u00a0 Regardless, security solutions already in use by the state can influence plans for state and local organizations \u2013 providing the opportunity to leverage known partnerships and proven toolsets for better efficiencies.<\/p>\n

Lastly, there is the issue of Cybersecurity Education. It has three components:<\/p>\n

General awareness for government employees and sometimes state residents
\nInternships and training for cybersecurity professionals
\nK12 and Higher Education training partnerships.<\/p>\n

States are looking to their public education institutions to provide the training needed. The good news is that SLCGP funding can assist in this area by providing teacher training and curriculum development.<\/p>\n

Whole of State and Cisco<\/h2>\n

Cisco can leverage its global insights, trusted expertise in government, and portfolio scale to provide security solutions across all elements of a state and local ecosystem. Cisco understands the unique needs of the public sector and brings to bear security products designed to address the primary threats facing our customers. To deliver the best outcomes for the SLCGP program, Cisco recommends:<\/p>\n

Engaging across local governments to leverage economies of scale for core security product
\nAddress biggest threats first \u2013 likely ransomware \u2013 to ensure resiliency
\nConsider a consortium of partners to ensure successful implementations of security services.<\/p>\n

Additional Resources for Whole of State<\/h2>\n

eBook: The Guide to Modern, Efficient Cybersecurity for Government<\/a>
\nStateRAMP: Understanding Authorization of Cisco\u2019s Security Solutions<\/a>
\nExplore solutions for state and local government at com\/go\/slg<\/a><\/p>\n

\n\t\tShare<\/p>\n

\n

<\/div>\n<\/div>\n

\n

\n\t\t<\/a>\n\t<\/div>\n<\/div>\n

\n

\n\t\t<\/a>\n\t<\/div>\n<\/div>\n

\n

\n\t <\/a>\n\t<\/div>\n<\/div>\n<\/div>\n

Share:<\/div>\n

\n

\n

<\/div>\n<\/div>\n

\n

\n\t\t<\/a>\n\t<\/div>\n<\/div>\n

\n

\n\t\t<\/a>\n\t<\/div>\n<\/div>\n

\n

\n\t <\/a>\n\t<\/div>\n<\/div>\n<\/div>\n

“}]]\u00a0\u00a0The Whole of State program is now providing State and Local Cybersecurity Grant Program funds to measure the cybersecurity health of city and local agencies. Find out the three key areas you need to focus on to make it a success for your community.\u00a0\u00a0Read More<\/a>\u00a0Cisco Blogs\u00a0<\/p>\n

<\/p>\n","protected":false},"author":0,"featured_media":3211,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[12],"tags":[],"class_list":["post-3210","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cisco-learning"],"yoast_head":"\n