Key Finding 2: Recognize and actively address resource constraints (part 2)

  • 5 minutes

In this unit, you consider how to leverage state and local grants as well as free and low-cost cybersecurity services to support your cybersecurity plan while remaining conscious of your organization's budget.

Leverage state and local grants

Many school districts struggle with insufficient IT resources and cybersecurity capacity. Without the funding, support, and services required, many schools are finding that they can’t adequately meet their cybersecurity goals. CISA recommends that school leaders take several steps to recognize and actively address resource constraints.

  • Schools can work with the state planning committee to leverage the State and Local Cybersecurity Grant Program (SLCGP). The goal of the SLCGP is to help states, local governments, rural areas, and territories address cybersecurity risks and threats. The program enables the Department of Homeland Security to make targeted investments in local agencies, including schools, to improve community services' resilience.
  • Another option for leveraging available state and local grants is the Homeland Security Grant Program. The Homeland Security Grant includes a suite of risk-based grants to assist efforts in preventing, protecting against, mitigating, responding to, and recovering from acts of terrorism and other threats. This grant program provides organizations with the resources required for implementation of the National Preparedness System and working toward the National Preparedness Goal of a secure and resilient nation.

Next steps

  1. Consider if state and local grants are a viable option for your cybersecurity funding. Then determine your next steps in the process and who your points of contact will be.
  2. If you’re ready to take the next step, explore the SLCGP site for eligibility and funding guidelines, cost-share requirements, and information about the application process.
  3. Learn more about the Homeland Security Grant Program by utilizing the Preparedness Grants Manual to help guide you on program-specific information that pertains to your district or find out more about grant program eligibility, grant management, and the application process with HSGP webinars and events. If you didn't already, you may also want to find and save contact information for your local State Administrative Agency (SAA) to begin the grant application process.

Utilize free and low-cost services

As cyber threats continue to evolve and grow in sophistication, it’s imperative for schools to have access to the most effective tools and services to bolster their security measures. When resources are scarce, schools are forced to make difficult decisions around staffing and funding allocations.

Recognizing this need, CISA took a proactive approach to curate a comprehensive list of free and low-cost cybersecurity tools and services. This repository includes offerings from CISA, widely used open-source tools, and free services provided by public and private sector organizations. Many of these solutions are included within Microsoft 365 A5 licenses and add-ons that you may already have. Learn more about protecting your school against cybersecurity risks with Microsoft 365 A5.

Next steps

  1. Review the following free and low-cost solutions (organized by CISA’s Insights) or explore the full list of CISA-recommended tools.

    a. Reduce the likelihood of a damaging cyber incident:

    • Microsoft Defender Antivirus: This tool is used to protect and detect endpoint threats including file-based and file-less malware. Built into Windows and in versions of Windows Server.
    • CISA Vulnerability Scanning: This service evaluates external network presence by executing continuous scans of public, static IPs for accessible services and vulnerabilities. It provides weekly vulnerability reports and ad-hoc alerts.

    b. Take steps to quickly detect a potential intrusion:

    • Microsoft Safety Scanner: Microsoft Safety Scanner is a scan tool designed to find and remove malware from Windows computers. It runs scans to find malware and try to reverse changes made by identified threats.
    • Ettercap: Ettercap is a suite for adversary-in-the-middle attacks on LAN that includes sniffing of live connections, content filtering on the fly, and many other features. It supports active and passive dissection of many protocols and includes many features for network and host analysis.

    c. Ensure preparation to respond if an intrusion occurs:

    • Microsoft PsExec: PsExec is a lightweight telnet replacement that lets users execute processes on other systems (complete with full interactivity for console applications) without having to manually install client software.
    • Timesketch: Timesketch is an open-source tool for collaborative forensic timeline analysis. Using sketches, users and their collaborators can easily organize timelines and analyze them all at the same time.

    d. Maximize resilience:

    • Microsoft Security Compliance Toolkit 1.0: This toolset allows enterprise security administrators to download, analyze, test, edit, and store Microsoft-recommended security configuration baselines for Windows and other Microsoft products, while comparing them against other security configurations.
    • Microsoft Threat Modeling Tool: This tool is designed to make threat modeling easier for developers through a standard notation for visualizing system components, data flows, and security boundaries.

Evaluate your security program’s need for additional services and tools. Then determine which free or low-cost solutions may work for your school or district. Note your next steps and any points of contact you'll need to move forward in your cybersecurity plan.