The impact of cybersecurity breaches and ransomware attacks on the US public sector is profound. More often than not, we hear of the most newsworthy breaches. These are the high-profile attacks that occur when the volume of data compromised or funds stolen is significantly high or has to do with a globally leading business.
But, things go beyond these immediate losses to the agency or company. For example, the cost implications for US public sector entities and taxpayers are notably high, often into the billions of dollars.
Numbers suggest that recovery and downtime costs for companies that suffered the brunt of cyberattacks are as high as nearly $19 billion. MSPs who currently offer or hope to offer services to government agencies should remember that a large chunk of these costs pertain to the public sector, as studies have found that 45% of all ransomware attacks in the past 12 months were directed at municipal governments.
Since its spread and scale are significantly deep, it is vital to approach cybersecurity solutions structurally. For example, arbitrary responses might keep things secure for a while, but having a structured response is essential for long-term protection, especially for state and local governments.
This realization has led the House of Representatives to incorporate a well-laid-out cybersecurity component, worth $1.9 billion, into the larger $1.2 trillion infrastructure bill signed into law on November 5th.
The bill is 2,700-pages long. Still, we dove in to uncover the key takeaways that stand to impact MSPs the most. We present them below:
Grants for the Public Agencies
MSPs that work with public agencies and local governments should be mindful of their allocations. For instance, the bill has a provision of over $1 billion for four years for the SLTT grant program. This State, Local, Tribal and Territorial grant program aims to provide federal cybersecurity assistance. Allocation-wise, four-fifths (or 80%) of the grant would be going to the local governments who are – in turn – served by MSPs.
There is another grant program that aims at providing aid to protect critical infrastructure from cyberattacks. This grant – worth $250 million – is also for the state and city public authorities, who would have to offer a detailed outline of how they will spend the grant for cyber and infrastructure security.
These state and local governments would need MSPs in their plans to respond to and safeguard against cyber attacks to become eligible for The Rural and Municipal Utility Advanced Cybersecurity Grant and Technical Assistance Program.
Grants for Protecting Vital Resources: Water and Energy
The Clean Water Infrastructure Resilience and Sustainability Program earmarks $75 million over five years to make the publicly owned treatment works more resilient from cybersecurity threats or natural hazards.
Understandably, this fund also goes to the state and local governments. Additionally, the Midsize and Large Drinking Water System Infrastructure Resilience and Sustainability Program awards grant worth $50 million a year for five years. Cybersecurity threats are one of the risks that this grant program seeks to avert.
To identify which public water systems are vulnerable to threats, providers can consult the list prepared by the Cybersecurity and Infrastructure Security Agency (CISA), which compiles public water systems deemed vulnerable to attacks.
Another $550 million is allocated towards the Department of Energy. Again, one of the areas the fund earmarked is for cybersecurity response.. Out of this, $250 million goes to rural and municipal utilities.
The receiving agencies must design cybersecurity applications and technologies to access these funds.
Additional Funds
The $100 million Response and Recovery Fund aims to support both public and private companies in their recovery efforts from cyberattacks. The DHS’s Science and Technology Directorate has over $150 million earmarked to invest in cybersecurity and tech research over five years. The Federal Highway Administration needs to create a new tool to obtain these funds in two years. In addition, the tool would help transportation authorities perfect their process of identifying, detecting, protecting against, responding to, and recovering from cyber incidents.
A Comprehensive Solution to Help MSPs Leverage Infrastructure Bill Opportunities
State and local governments are eligible for these funds cited above. But, what they need to do is develop a robust plan and invest judiciously. And, this is where the Acronis SCS Cyber Protect Cloud solution comes into play. It is a solution designed specifically to meet the US public sector’s compliance standards.
The solution has FIPS 140-2 certification, is HIPAA compliant and is CJIS verified. The FIPS 140-2 certification helps ensure the highest grade data encryption, while HIPAA compliance guarantees best-in-class data confidentiality and integrity.
The Acronis SCS support and data centers are 100% US-based, while our employees are all US citizens.
What to Look Forward To?
Acronis SCS Cyber Protect Cloud offers safe and reliable backup, ransomware protection, and seamless syncing and sharing of files. The services are flexible and user-friendly. In terms of operability, you can mix and match and plug and play. It also features a pay-as-you-go pricing model.
For MSPs wanting to assist state and local governments in a more structured and long-term fashion, Acronis SCS helps partners avoid compliance delays and focus on specific agency needs. Acronis SCS is the perfect partner for MSP who want to leverage the Infrastructure Bill’s cybersecurity provisions for their clients.