
White paper

4 ways to protect your state and local government agency from cyber attacks

Protecting State and Local Governments From the Cyber Threats of Tomorrow.

Key Takeaways

  • State and local government agencies are an attractive target for threat actors: 70% of all U.S. ransomware attacks targeted this sector.
  • Complicated and siloed security stacks create exposure for SLGs. A unified platform for exposure management improves visibility to more effectively reduce risk.
  • Federal funding, like the State and Local Cybersecurity Grant Program (SLCGP), is available to help SLGs implement exposure management solutions.

Why state and local government agencies are a prime target for cyber attacks

SLGs are attractive targets for threat actors because they run critical infrastructure and maintain systems containing sensitive data, including financial and personally identifiable information.

Threat actors also go after SLGs because they’re usually under-resourced, lacking the budget, staff, and skills to maintain a strong cyber defense and keep up with a never-ending list of vulnerabilities.

At the same time, siloed security tools leave critical visibility gaps across SLGs’ attack surface — gaps attackers are eager to find and exploit.

So, what can SLGs do to decrease exposures?

It starts with getting more visibility into all assets across the entire attack surface to better assess risk, understand where to prioritize remediation, and measure progress over time, something siloed security solutions were never meant to do.

Build a proactive cyber defense with four key strategies

Four key strategies can help SLG agencies mitigate attacks, dramatically reduce the number of incidents to respond to, and shift security programs from reactive to proactive. 

1. Invest in exposure management

As technology becomes more complex, the need for exposure management in SLGs is greater than ever. Many agencies use a variety of different cybersecurity solutions, all of which provide different metrics and reporting, which makes it hard to gain a unified, consistent view of risk. Complicated security stacks are a vulnerability in and of themselves.

The Tenable One Exposure Management Platform can help security and remediation teams shift to a more proactive, risk-based strategy to protect the entire enterprise. 

Exposure management provides the technical and business context to accurately identify and communicate cyber risk.

With Tenable One, SLGs get a single, unified view of all assets and resulting exposure. It translates technical data into clear business insights to quickly act on.

2. Safeguard critical infrastructure

As digital and physical systems converge, critical infrastructure is a desirable target for cyber attacks, which makes operational technology (OT) security a top priority. 

Yet, the convergence of IT and OT complicates OT security because many agencies don’t have full visibility into their OT environments. Moreover, critical infrastructure often relies on outdated, under-protected technologies.

Closing critical infrastructure security gaps starts with understanding what's actually on the network.

Tenable OT Security can help bridge the gap between IT and OT. It discovers all devices on the network, whether active or dormant, and gives deep situational awareness across all sites and assets to identify vulnerable assets and mitigate threats to them.

3. Implement a zero-trust strategy

Federal mandates, including Executive Order (EO) 14028, require the implementation of a zero-trust strategy. Zero trust takes a “never trust, always verify” approach to network security and access management to prevent identity-based attacks.

Despite the mandate, there is a significant gap in zero-trust adoption. At the time of this report, only 9% of state and local government IT leaders had fully implemented zero-trust security measures.

This strategic shift in a cyber program requires holistic visibility into the entire attack surface, a tenet of zero trust. 

Tenable One provides this foundational visibility into the entire attack surface, from IT to cloud, AI, Active Directory, and everywhere else, to help SLGs reach zero-trust goals.

4. Secure Active Directory (AD)

Active Directory is the master key to an organization's system privileges, making it a prime target for attackers. 

In fact, 57% of SLG IT leaders list Active Directory security as a top challenge. Misconfigurations, for example, can allow attackers to escalate privileges, steal credentials, and move laterally across a network.

SLGs can protect Active Directory with three key steps:

  1. Enforce local administrator password solutions (LAPS).
  2. Implement privileged access management (PAM).
  3. Require multi-factor authentication (MFA) with strong password policies.

Tenable Identity Exposure is a powerful solution to protect Active Directory environments. It proactively finds and fixes AD weaknesses before attackers can exploit them, and can detect and respond to Active Directory attacks in real time.

Funding your cybersecurity strategy

As SLGs prepare to take on new mandates and evolving threats, a top priority is ensuring the agency has the necessary funding for effective government cybersecurity solutions. The State and Local Cybersecurity Grant Program (SLCGP) has funding available to address cybersecurity risks.

Tenable can also help SLGs meet 13 of the 16 Cybersecurity Plan requirements to secure this funding, including implementing continuous vulnerability assessments, managing IT and OT systems, and tracking all assets and accounts.

Take control of your attack surface

Tenable One helps state and local government agencies get comprehensive visibility across their entire attack surface to reduce risk and meet unique modernization, security, and compliance needs. 

The exposure management platform gives SLGs a unified view of their entire attack surface through continuous asset discovery, and it prioritizes exposures based on potential risk.

Frequently asked questions

Find answers to common questions about managing cyber risk for state and local government agencies.

What is exposure management?

Exposure management is a strategic approach to cybersecurity designed to reduce cyber risk by continually identifying, contextualizing, prioritizing, and closing the most urgent cyber exposures. 

Cyber exposures are toxic combinations of preventable cyber risks that can lead to significant operational disruption or other material impacts when attackers exploit them. Preventable cyber risks include vulnerabilities, misconfigurations, and excessive permissions. 

What is the State and Local Cybersecurity Grant Program (SLCGP)?

The SLCGP is a program from the Infrastructure Investment and Jobs Act (IIJA) that makes $1 billion available over four years for SLG agencies. The funds can help agencies address cybersecurity threats and risks to their information systems.

How does Tenable help implement zero trust?

Tenable One helps implement zero trust by providing continuous discovery and assessment of all assets, from IT to OT, code to cloud, and Active Directory. It then moves beyond discovery to identify specific misconfigurations and vulnerabilities, help prioritize them, and provide recommended fixes for each issue to prevent privilege escalation and lateral movement. In parallel, the platform consolidates controls and policies into a unified framework, which simplifies the process of enforcing and managing zero-trust rules across an entire network.

What are the biggest cyber threats to SLG agencies?

SLG agencies are attractive targets for cyber attacks, especially ransomware and APTs, because they maintain sensitive data and oversee critical infrastructure. Attackers exploit vulnerabilities in Active Directory to get administrator privileges and move laterally across networks.

Why is Active Directory (AD) security a challenge for governments?

The core challenge of Active Directory security for governments is that AD's complexity makes it notoriously difficult to configure. Even small, hidden misconfigurations create the exact gaps attackers need to escalate privileges, steal credentials, move laterally, and use the centralized system to hide undetected while exfiltrating sensitive data.
