Someone shared this with me, I wanted to pass it on. It’s from November 2017 – it’s a Network Resiliency and Security Playbook written to help local and state governments adopt best practices for preventing significant communications infrastructure failures and stopping or mitigating intrusions, hacking, and other disruptions of communications networks.
The target audiences for this Playbook include information technology (IT) leaders and staff—the government employees who are responsible for implementing, operating, and maintaining IT systems—and the users of those government networks, including first responders. Because these audiences have a range of IT knowledge and expertise, this document includes high-level introductory information and links to useful background resources, as well as detailed technical descriptions of best practices.
Why you need it…
This Playbook addresses some of the key reasons that local and state government entities need to routinely include security and resiliency in their infrastructure development processes:
Local governments are attractive targets for cyber threats because they are often easy targets—especially those that do not have sufficient security resources and expertise
Local government networks can also be attractive targets in their own right, given their maintenance of sensitive data such as tax and voter rolls, contracts, procurements, traffic data, public-run utilities, etc.
Smaller governments often experience difficulty funding and staffing critical IT functions; as a result, those local governments might delay updating systems and applications, or even patching known issues, due to worry about proper functioning of legacy systems and risk of unintended impacts
Poor or inadequate segmentation of government networks can lead to large impacts from modest intrusion efforts
Local governments’ networks are increasingly interconnected with other systems, including those of other local governments, federal agencies, and private sector partners
Ransomware attacks make any target attractive regardless of size or sensitivity of data
Storms, floods, and other natural threats are a constant concern for any network, but especially for mission-critical public safety and government communications networks
If you’re still reading this may be a great tool for you!