Why your agency needs a cybersecurity boost and how to fund those efforts
Ransomware is a growing threat in the public sector, but there are tools and grants available to help police and other agencies avoid costly incidents
Sponsored by Motorola Solutions
By Police1 BrandFocus Staff
It seems every day there is another report of a cyberattack. While data breaches of large consumer institutions get the most attention, these attacks are by no means limited to businesses. Many cities and other public agencies are hit with ransomware and other kinds of cyberattacks, all of which can be incredibly disruptive and costly. One report estimates that ransomware attacks cost local and state governments over $18 billion in 2020.
It’s imperative that public safety agencies take measures to protect critical infrastructure from ransomware and other attacks by adopting strategies and tools that help prevent and avoid data breaches and system compromises.
PUBLIC SAFETY & CYBERSECURITY: WHAT’S AT STAKE
Cyber criminals are increasingly targeting public safety systems, especially the LMR, PSAP and IT environments, says Dr. Pranshu Bajpai, a Motorola Solutions security architect, and ransomware is the most common threat. These attackers cripple critical systems until the agency pays a hefty sum, sometimes millions of dollars.
“Ransomware is a highly profitable business model for adversaries,” said Bajpai.
Not only is this costing big in terms of money, already a challenge when budgets are stretched thin by COVID-19 and other issues. Security failures can be a matter of life and death when PSAPs controlling 911, dispatch and other critical communications are forced offline.
The pandemic has only complicated matters with the rapid shift to remote work, increasing the potential weaknesses and creating tempting targets for hackers.
GAIN PEACE OF MIND WITH A TRUSTED PARTNER
Thwarting cyberattacks is a huge and ongoing undertaking – one that may be beyond the financial and technical capabilities of many public safety organizations. Partnering with a managed security service provider like Motorola Solutions may be a more effective strategy than hiring and retaining a 24/7 security team in-house. This approach can provide cost-effective protection to help your agency detect, prevent and respond to cybersecurity incidents.
Managed security services provide 24/7 cybersecurity monitoring, detection and response to help public safety agencies thwart attacks and preserve critical communications infrastructure. The managed security service provider monitors activity though a security operations center that handles critical functions, including:
- Plan, configure and maintain security infrastructure.
- Detect and respond to security incidents.
- Review activity to look for signs of compromise.
- Collect and securely store log files for forensics and compliance.
For most organizations, building out a security operations center is better left to a partner that can provide this as a service, enabling you to get all the benefits without the expense and distraction of building it yourself, says John Hawley, a cybersecurity expert who leads product strategy and development for Motorola Solutions Cybersecurity Services.
“Managed security services offer many advantages for resource-strapped public safety agencies, as well as state and local governments,” Hawley said, “ensuring predictable spending, up-to-date security tools and less time spent managing technology and vendors.”
HOW TO FUND YOUR CYBERSECURITY EFFORTS
Cybersecurity doesn’t come cheap, but the alternative is far more costly. The good news is that a variety of grant funding is available for cybersecurity efforts. Grants.gov posts announcements on specific grant programs with application information.
When developing your agency’s cybersecurity plan, also look at potential federal funding sources like the Cybersecurity and Information Security Agency, FEMA and the Department of Homeland Security. For example, cybersecurity is included in FEMA’s Authorized Equipment List under “Hardware, Computer, Integrated” (04HW-01-INHW).
Some $6 billion overall is available in federal grant funding for cybersecurity initiatives by local government organizations, including law enforcement and other public safety agencies. Most police agencies will apply to grant programs like your state’s Homeland Security Grant Program (each state’s grant program will vary), the Urban Area Security Initiative grant program or the Port Security Grant Program.
When applying for Homeland Security grant programs in particular, your agency will need to complete a cybersecurity risk assessment. Your agency must address the vulnerabilities you identified through this risk assessment and your plan to address them, which can include a range of projects that focus on improving cybersecurity of critical infrastructure, as well as training and planning.
The pending bipartisan “Infrastructure Investment and Jobs Act (INVEST)” – more commonly known as the infrastructure bill – also includes strong support for broadband expansion and $1 billion in funding to be directed toward local communities and cybersecurity efforts over four years. (Click here for the latest status and details of the bill).
GET HELP FINDING FUNDING
Finding the right grants and submitting a successful application can be an arduous process. To help public safety agencies secure government funding for cybersecurity initiatives, Motorola Solutions has launched a grant assistance program with GovGrantsHelp, an affiliate of PoliceGrantsHelp. This program includes funding for services and resources for technology, IT and local government projects to assist in responding to and recovering from cyberattacks.
For more information about cybersecurity services, visit Motorola Solutions.