As the college football season enters its final quarter, all the great teams have built a detailed in-depth playbook to get them to the end zone. And the great teams wouldn’t be great without that playbook setting them up for success. But a winning playbook is far more than just drawings of routes and coverages. Its structure tells a story of how a team builds and maintains a winning program from the ground up, a tale very similar to that found in the world of government cybersecurity. This is especially true with recent cybersecurity grant opportunities.
College football playbooks can be between 200 and 500 pages. They come in all shapes and size from old school printouts to PDF downloads — or even an iPad app. Before you get to the meat, they detail basic but critical information such as team goals, the responsibilities of individual team members, comprehensive stats, every facet on how to huddle properly, and hundreds of team building topics. Everything a team needs to guide them to success is in these playbooks. It is the responsibility (some would even say privilege) of the player and coach to know the playbook inside and out.
Our playbook for cybersecurity
When it comes to the Infrastructure Investment and Jobs Act (IIJA) of 2021, Cisco is ahead of the game and ready to assist. The IIJA authorized the State and Local Cybersecurity Improvement Act, which established the State and Local Cybersecurity Grant Program. This high value program gives state and local governments like yours access to $1 billion over four years.
To help you better understand and maximize funding via the program, Cisco’s team of security and funding experts are here to help. We have a ready-built suite of proactive and reactive incident response services that deliver the visibility, resiliency, and threat intelligence you need to prepare, respond, and go above and beyond the Act (Explore FAQs). We also offer expert advice on the grant program and process through our experts in the Cisco Public Funding Office.
Overview of the State and Local Cybersecurity Grant Program
A key requirement of receiving funds from the State and Local Cybersecurity Grant Program includes establishing a cybersecurity planning committee. This committee is tasked with creating a customized cybersecurity plan (basically, a playbook). Just as in college football, a playbook is essential for state and local governments as they tackle growing cyber threats.
This is a first-of-its kind cybersecurity grant. It’s also important to understand that the grant program provides funding to eligible entities so they can specifically address cyber risks and threats to their information systems. This includes those systems owned or operated by (or on behalf of) state, local, or tribal governments.
The legislation requires states to distribute at least 80 percent of funds to local governments, with a minimum of 25 percent of the allocated funds distributed to rural areas. The Grant is 1 billion dollars over 4 years:
- FY 2022: $200,000,000.00
- FY 2023: $400,000,000.00
- FY 2024: $300,000,000.00
- FY 2025: $100,000,000.00
How Cisco can help
Cisco provides your team with a deep bench featuring expertise in offense, defense, and special teams. We work alongside yours for immediate impact on your cybersecurity planning, including helping with your Cybersecurity Plan/Playbook. By partnering with Cisco, you can also take advantage of Talos Incident Response Retainer Services to proactively assess, strengthen, and evolve your incident readiness. Plus, you can leverage one or all of the following proactive services:
- Emergency Response to Cyber Incidents: Triage, coordination, investigation (such as analysis and forensics), containment, and guidance for remediation.
- Incident Response Readiness Assessment: Evaluate data points, including previous incidents, current roles/responsibilities, organizational design, patching operations, logging capabilities, plus provide personalized recommendations for each specific environment.
- Incident Response Plan: Review current Plan and/or develop an Incident Response Plan. This is a tailored process to support coordinated responses and communications during cybersecurity events or a thorough review of an existing organizations plan.
- Incident Response Playbook: Playbooks are a necessity. We’ll help you review and/or develop your Playbook. These Plays are based on the threats most relevant to your organization.
- Tabletop Exercise: Help you discover gaps in policy, procedure, and processes and help understand important communication activities. We’re ready to help you with both Tabletop creation and execution.
- Proactive Threat Hunting: Search for attack signs which may have evaded any previous detection. Cisco will focus on finding evidence of the post-exploitation phase in the kill chain.
- Compromise Assessment: Delivers an immediate assessment that searches for indicators of compromise or threat actors present in your environment.
- Cyber Range Training: Is a specialized technical training workshop(s) to help your staff build the skills and experience necessary to combat modern cyber threats.
- Intelligence on Demand: Gain the latest threat intelligence and net-new custom research from Talos.
- Purple Team Exercise and Red Team Exercise: Assess your organization’s resiliency to attacks while simultaneously assessing the organizations’ ability to detect.
At Cisco, we understand that the best response begins before an emergency occurs. That’s why we offer proactive services that strengthen your overall security posture before an event strikes. Remember, as you start your IIJA cybersecurity planning, we’re here to help you score a long-term victory.
- Incident Response Playbooks
- State and Local Cybersecurity Grant Webinar
- Take a dive deep on each of Cisco’s proactive services
- Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity Plan Template