In Fiscal Year 2023, through the Infrastructure Investment and Jobs Act, the Department of Homeland Security (DHS) is providing approximately $375 million to address cybersecurity risks and cybersecurity threats to information systems owned or operated by, or on behalf of, state, local, and territorial governments.
Posted Date: August 7, 2023
Closing Date for Applications: October 6, 2023
Expected Number of Awards: 56
Estimated Total Program Funding: $374,981,324
Award Floor: $500,000
Award Ceiling: $374,981,324
Each applicant must adopt key Cybersecurity Best Practices as required during the creation of the Cybersecurity Plan and within individual projects. The assessment and evaluation activities are meant to measure the successes and failures of adopted Cybersecurity Best Practices as outlined in the Cybersecurity Plan. In addition, the Cybersecurity Best Practices should consult the Cybersecurity Performance Goals (CPGs) to ensure a strong cybersecurity posture.
The Focus for 2023 Includes:
To Apply:
Eligible applicants must submit their initial application through the portal at GRANTS.GOV
GRANT EVALUATION CRITERIA
According to Grants.gov, FEMA will evaluate applications for completeness and applicant eligibility. CISA will evaluate applications for adherence to programmatic guidelines and anticipated effectiveness of the proposed investments. The review will include verification of the following elements:
- Understanding of current cybersecurity posture and areas for improvement;
- Implementation of security protections commensurate with risk;
- Training of organization personnel in cybersecurity;
- Reduction of the risks the project was designed to address; and
- Completion of the proposed projects within the 4-year period of performance.
Apply Now
Have Questions? We Have Answers!
What: Webinar on the Cybersecurity Grant
When: Thursday, August 24th, 2023
Red Trident will be putting on a live recording on Thursday, August 24th where we go over your questions regarding this grant program. If you have a question that you’d like answered, submit it here.
Either make a note to check our social media pages on the 24th or enter your email to be notified when the recording gets released.
Water Sector & Cybersecurity
Overview
With many cities jumping on the smart city bandwagon, few are stopping to think about the implications of security breaches, especially within the water and wastewater sector.
Ransomware on computers can impact operations due to loss of systems or data, but incidents involving SCADA systems can have much more severe consequences. The City of Oldsmar incident showed how easy it can be for a malicious actor to make modifications, such as adjusting the sodium hydroxide to a level that would be toxic to people. Past events like this show how cybersecurity incidents at water treatment facilities can have the potential to cause serious harm to the public. They can also result in significant damage to plant, major outages, harm to the environment, serious regulatory actions, and major negative publicity.
Common Causes of Cyberattacks
Cybersecurity incidents aren’t always from specialist hackers trying to disrupt society. Reality is, rural systems are much more likely to experience an incident through other causes. The following is the list of likely causes, in priority order:
- Mistake made by authorized employee or contractor
- Current or former disgruntled employee or contractor seeking revenge
- Ransomware attack from organized crime or random individual
- Targeted attack from nation state
Basic Cybersecurity Recommendations for Water Sector
Some of the basic actions that can reduce the likelihood of a cybersecurity incident within the water or wastewater sectors includes the following actions
- Remove Insecure Remote Access: SCADA servers and HMIs should not be using remote access software such as Team Viewer, LogMeIn, Parallels Access, etc. Authorized users should only be able to access your SCADA resources through secure channels involving multiple layers of protection.
- Vulnerability Scanning & Penetration Tests: CISA’s Vulnerability Scanning is a free service that continuously assesses the health of your internet-accessible assets by checking for known vulnerabilities, weak
configurations—or configuration errors—and suboptimal security practices. Once those findings have been remediated, we then recommend getting a penetration test performed with a purple team focus. - Training & Awareness: Employees and contractors should be aware of the cybersecurity risks that exist, and the actions that they need to take to contribute to the mitigation of these risks. Red Trident offers a Prevention Training that includes general education, skill development, blue team preparedness, incident response preparedness, and other courses to ensure your organization has the right skills.
- Secure User Accounts: Tools such as Keeper and 1Password can be beneficial to make sure credentials are unique, strong and haven’t been leaked on the dark web.
- Proper Offboarding Processes: Since disgruntled former employees can pose a large risk, it’s vital to make sure you have a well documented offboarding process. It’s important to lay out who is in charge of each step such as collecting devices, removing access, etc.
Water Sector Threat Categories
EPA has grouped cyber-attacks on water utilities into two threat categories. One is cyber-attack on business enterprise systems, which includes computer-based communications, fnancial, data and record keeping, and other related systems. The second is cyberattack on process control systems, which includes electronic monitoring and control systems used for water collection, treatment, storage, and distribution across the utility. Image below is from epa.gov
How Red Trident Can Help
Red Trident is very experienced in the water and wastewater treatment sectors. We’re one of the few OT cybersecurity companies that not only provides services like cybersecurity assessments, but we also offer remediation services and can help solve any issues that are outside of your team’s expertise.
Contact Us
Why Red Trident
We work with you and do our best to be your cybersecurity partner. We listen to your concerns and make sure that we’re aligned with your business priorities. We don’t just come in, sell a service, write a report and walk away. We’re here for you. We explain our findings, answer any questions you might have and work with you to help where needed.
Unlike most ICS cybersecurity companies, we have the expertise to offer remediation services, especially when it comes to critical infrastructure. And if you have your own team, that’s great! We’re happy to take a step back as your team handles the remediation (or parts of it). We can also provide training to your team if they need some assistance. We’re flexible.
Our team consists of leaders in the ICS field with decades of combined experience in the public sector, private sector, and military. We’ve presented at major security conferences such as DEF CON, BlackHat, various ISAC’s, SANS ICS Summits, etc. We also understand how to communicate in a way that is easy to understand so you don’t end up feeling overwhelmed or confused.
Did you find this article helpful? If so, please share!
