This is a compilation of information security resources available to local governments in Washington State. Download the print version.
Department of Homeland Security
The Department of Homeland Security provides an array of services to local jurisdictions that manage critical infrastructure for energy, water, transportation, financial systems, and other capabilities that support community needs and ways of life. The program offers multiple resources including cybersecurity guidance and assessments, hardware and software support, incident reporting, and training and education.
Multi-State Information Sharing and Analysis Center (MS-ISAC)
The MS-ISAC is the focal point for cyber threat prevention, protection, response and recovery for the nation's state, local, tribal, and territorial (SLTT) governments. The MS-ISAC 24x7 cybersecurity operations center provides real-time network monitoring, early cyber threat warnings and advisories, vulnerability identification and mitigation and incident response.
The SANS Institute was established in 1989 as a cooperative research and education organization. It provides intensive, immersion training designed for people to master the practical steps necessary for defending systems and networks against the most dangerous threats.
Washington State Auditor’s Office
The Performance Audit team at the Washington State Auditor’s Office has recently completed Opportunities to Improve State IT Security, a report detailing areas for improvement at the state agency level. The report itself is instructive for local governments. In addition, the Auditor’s Office is expanding their audits by offering an IT security audit as an opt-in, no-cost option for local governments. The audit would be designed to identify areas of risk or vulnerability, recommend best practices tailored to the local government environment, and provide guidance for resolving the risks identified. If you are interested in learning more, please contact Peg Bodin: 360-464-0113.
Washington State Military Cybersecurity Division
The Washington State Military Cybersecurity Division identifies and schedules multiple training events, seminars, and cybersecurity scenario exercises aimed at raising awareness of emergency managers across the state to better prepare them to address incidents involving cyber systems.
Federal Trade Commission (FTC)
The FTC offers resources for business and home and specifically a list of recent scams to be aware of. This can be helpful for organizations wanting to share general security awareness with their employees. The FTC site also provides a place to file complaints.
FBI’s Internet Crimes Complaint Center (IC3)
The Internet Crime Complaint Center (IC3) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C) which provides both information security information and a place to file complaints. These complaints are stored and can be used for prosecution.
National Institute of Standards and Technology (NIST) Cybersecurity Resource Center
The NIST Resource Center provides information security tools and practices, a resource for information security standards and guidelines, and identifies key security web resources to support users in industry, government, and academia. It is also a good portal to find all of NIST’s cyber related standards.
Michael Hamilton’s Daily Information Security News Blast
Michael sends out a daily report summarizing current news items related mostly to critical infrastructure information security issues. To sign up, contact Michael at MKH@mkha.us
Washington State Fusion Center – Threat reports
The Fusion Center’s cyber analyst provides detailed and actionable reports on current bad IP addresses and URLs. To sign up for this mailing, contact Lance Fuhrman at email@example.com
Cyber Incident Response Coalition and Analysis Sharing (CIRCAS)
This organization, including participants from public and private sectors, federal, state, local and tribal government and DHS, academia and law enforcement was created to share information and resources before, during and after a cyber event. To learn more, contact David R Matthews at DavidM@mkha.us