Resources to Support Municipal Cyber Resiliency
For National Cybersecurity Awareness Month 2019, the Cyber Resilient Massachusetts Municipality Sub-working Group has developed a toolkit to help municipal leaders begin to understand the cybersecurity posture of their municipality and figure out next steps for protecting municipal infrastructure against cyber threats.
The intent is to provide guidance and action steps necessary to get the conversation started around cybersecurity preparedness and ultimately protect municipal infrastructure against cyber threats before they occur.
1. Why Cybersecurity?
2. What is Cybersecurity?
3. How Do I Prepare?
|Getting Started: Conversations to have with Business Process Owners and IT Staff||
Sets of questions for municipal leaders for conversation with Business Process Owners, IT Staff, and Service Providers to assess cybersecuity preparedness and to consider next steps in developing a plan.
|Cyberplanner Tool for Creating a Custom Cybersecurity Plan||
Tool for creating a custom cybersecurity plan with expert advice to address specific business needs and concerns.
|Considerations for Business Impact Analysis||
This article outlines the steps and considerations of a Business Impact Analysis, including the consequences of a business function disruption and the information needed to develop recovery strategies.
|Business Impact Analysis - Guide and Template||
Guide for Agencies to conduct Business Impact Analysis with Step-by-Step guidance and a template.
|Contingency Planning Guide and Process Template (NIST SP 800-34)||
Guide with instructions, recommendations, and considerations for IT contingency planning - interim measures to recover IT services after an emergency or system disruption.
|FEMA Business Impact Analysis Worksheet||
Business Impact Analysis - FEMA Quick Reference Template.
Good Cyber Hygiene
|How to Recognize and Avoid Phishing Scams||
FTC Tip Sheet on how to recognize and avoid phishing scams.
|CISA Insights - Ransomware Outbreak||
This CISA bulletin lays out three sets of straightforward steps any organization can take to protect themselves or recover from a ransomware attack.
|CISA Security Tip - Protecting Against Ransomware||
Tip Sheet with recommendations for protecting against ransomware.
|CISA Tip Sheet on Ransomware||
Information on what ransomware is and what organizations can do to protect against the threat.
|CISA, MS-ISAC, NGA & NASCIO Recommended Immediate Action to Safeguard Against Ransomware Attacks||
Essential recommended actions to enhance your defensive posture against ransomware.
|Incidents of Ransomware on the Rise - Protect Yourself and Your Organization||
Article about ransomware with Tips for Dealing with Ransomware Threat.
|MS-ISAC Security Primer on Ransomware||https://www.cisecurity.org/white-papers/security-primer-ransomware/|
|NASCIO Cyber Disruption Planning Guide||https://www.nascio.org/Portals/0/Publications/Documents/2016/NASCIO_CyberDisruption_072016.pdf|
|Ransomware explained: How it works and how to remove it||
Despite a recent decline, ransomware is still a serious threat. Here's everything you need to know about the file-encrypting malware and how it works.
|U.S. Small Business Association RANSOMWARE FACTS & TIPS||
As technology evolves, the prevalence of ransomware attacks is growing among businesses and consumers alike. It’s important for digital citizens to be vigilant about basic digital hygiene in an increasingly connected world. This fact sheet explains what ransomware is and what you can do about it.
|Cybersecurity is Everyone's Job||
Everyone in a local government has an important role to play in helping to minimize cybersecurity risks.
|Online Cybersecurity Safety Basics||
Free online security tips and resources.
|Center for Internet Security (CIS)||https://www.cisecurity.org/|
|Cybersecurity and Infrastructure Security Agency (CISA)||https://www.cisa.gov/|
|Department of Homeland Security (DHS)||https://www.dhs.gov/|
|Federal Bureau of Investigations (FBI)||https://www.fbi.gov/investigate/cyber|
|Federal Communications Commission (FCC)||
Helps organizations create and save a custom cybersecurity plan quickly to address specific business needs and concerns.
|Federal Trade Commision (FTC)||https://www.ftc.gov/tips-advice/business-center/small-businesses/cyberse...|