As many are aware, on March 21, 2022, the Biden Administration issued a statement warning of potential cyber attacks against U.S. organizations as tensions rise between Russia and the rest of the world. Ukraine is experiencing massive cyber attacks on its critical infrastructure, and there is credible intelligence that other countries could be next. Potential attacks would disrupt the lives of millions of Americans, affecting lifeline services such as power, water, healthcare services, and supply chains.

State and local government organizations need clear visibility into their risks and interconnected assets, IT governance and more. President Biden is urging a strong public-private partnership to implement best practices and harden our nation’s cyber defenses immediately. The President is also zeroing in on what governors and mayors can do right now to protect their citizens.

In a March 30 letter to every governor, the President shared a number of fundamental questions around cyber security that every state executive should be able to answer:

• Does your team know the cyber security posture of the critical infrastructure in your state?
• Do you have the authority to set and enforce cyber security baseline standards for the utilities in your state, and if so, have you done it?
• Have the Public Utility Commissions or others in your state set minimum cyber security
  standards for your critical infrastructure? If not, ask them to do so.
• Do you or your Public Utility Commissions have the ability to require critical infrastructure
  to take emergency cyber security measures? If so, have you or they required utilities to step up their security in light of the current conflict?
• Has your chief information security officer done all that he or she can do to lock down your state’s systems and put your cyber security teams on high alert?
• Have you and your emergency management team considered how you would respond to a cyber attack that has physical consequences, including impact to the operations of your critical infrastructure?

It’s important to note there is funding available to help protect state infrastructure. The Infrastructure Investment and Jobs Act establishes a program to award grants to address cyber security risks and cyber security threats to information systems owned or operated by, or on behalf of, State, local, or Tribal governments. The total amount is $1 billion, with $200 million to be awarded in FY22. Notices of funding opportunities (NOFOs) are due to be out very soon—as early as mid-May.

The Cybersecurity & Infrastructure Security Agency (CISA, part of DHS) is helping with its Shields Up initiative, supplying a repository of services, advisories, guidance, and best practices to help states get started strengthening their cyber security posture. Among CISA’s recommendations are to initiate active threat hunting in an environment and to monitor for unusual OT behavior.

Mandiant can help with guidance on how to apply for this funding. In the meantime, we’re providing services to help states and cities protect themselves right now. Mandiant Threat Intelligence offers access to Mandiant's deep understanding of global attacker behavior, informed by thousands of hours per year spent responding to breaches and managing incident response engagements.

Mandiant can identify evidence of any past or ongoing attack activity with a compromise assessment. This threat hunt will provide insight into attacker attribution and motivation, so organizations know what threat actors are targeting them. And we can help stop emerging threats before they impact IT or OT environments with the monitoring, proactive threat hunting and response provided by Managed Defense experts specializing in IT and OT security.

The convergence of IT and OT combined with global tensions has created an unprecedented cyber threat level for states and municipalities. The federal government is doing all it can to raise the alarm, and Mandiant is answering the call for a closer public-private cyber security partnership.

Register now for our May 18 webinar to learn more about funds available to state, local and tribal governments, as well as services to get started on improving security posture.