| NSF Org: |
DGE Division Of Graduate Education |
| Recipient: |
|
| Initial Amendment Date: | July 3, 2016 |
| Latest Amendment Date: | June 4, 2021 |
| Award Number: | 1623653 |
| Award Instrument: | Standard Grant |
| Program Manager: |
Victor Piotrowski
vpiotrow@nsf.gov (703)292-5141 DGE Division Of Graduate Education EDU Directorate for STEM Education |
| Start Date: | September 1, 2016 |
| End Date: | August 31, 2022 (Estimated) |
| Total Intended Award Amount: | $299,935.00 |
| Total Awarded Amount to Date: | $299,935.00 |
| Funds Obligated to Date: |
|
| History of Investigator: |
|
| Recipient Sponsored Research Office: |
4400 UNIVERSITY DR FAIRFAX VA US 22030-4422 (703)993-2295 |
| Sponsor Congressional District: |
|
| Primary Place of Performance: |
4400 University Drive Fairfax VA US 22030-4422 |
| Primary Place of
Performance Congressional District: |
|
| Unique Entity Identifier (UEI): |
|
| Parent UEI: |
|
| NSF Program(s): | CYBERCORPS: SCHLAR FOR SER |
| Primary Program Source: |
|
| Program Reference Code(s): |
|
| Program Element Code(s): |
|
| Award Agency Code: | 4900 |
| Fund Agency Code: | 4900 |
| Assistance Listing Number(s): | 47.076 |
ABSTRACT
While the nation's cities and counties are often closest to residents in providing citizen services, public safety and critical infrastructure such as public health and transport, many have limited staffing, expertise and cybersecurity budgets. Not only are the residents and cities and counties themselves potentially at risk, public safety, public health and critical infrastructure systems are part of larger connected state and national systems. For example, counties own 45% of the U.S. road miles, 40% of the bridges and operate of 30% of public airports and 1,550 health departments. City and county cybersecurity is an important yet under-focused aspect of our national cybersecurity efforts. Further, current cybersecurity education programs are not addressing some of the special but critical needs facing local governments. This project is contributing to addressing the local government cybersecurity challenges by developing and providing local government specific cybersecurity education and training modules that can augment existing cybersecurity curricula or be provided on a standalone basis.
The project includes regional workshops for local government executives to address: (1) How can cybersecurity for local governments, especially those with limited budgets and cybersecurity expertise, most effectively be addressed?; and (2) What are the most effective strategies, models and approaches for cybersecurity cross jurisdictional sharing for local governments? Lastly, the project is developing: (1) a Local Government Cybersecurity Toolkit covering cybersecurity leadership and governance issues relevant for local government; and (2) a Local Government Cross Jurisdiction Capacity Sharing Roadmap providing local governments with guidance for developing and undertaking cybersecurity cross jurisdiction collaborations.
PROJECT OUTCOMES REPORT
Disclaimer
This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.
Executive Summary
While the nation's cities, towns and counties directly engage with residents in providing digital government services, K - 12, public safety, public health, transportation, emergency response and water and other utilities, many have limited cybersecurity budgets and staffing. Not only are the residents and the local governments themselves potentially at risk of cyber attacks, there are associated regional and national systemic risks.
The project's objective was to collaborate with state and local governments to enhance local government cybersecurity by fostering and facilitating local government cybersecurity partnering.
Initiatives and Activities
The project's core initiatives were statewide and regional local and state government cybersecurity partnering workshops bringing together state and local government IT leaders and government administrators; K - 12 IT and cybersecurity leaders; Cybersecurity Infrastructure Security Agency (CISA) regional advisors and private sector executives to identify and exchange local government cybersecurity governance best practices, identify potential areas of cybersecurity governance collaboration; and to assess and evaluate cybersecurity ramifications of the changing technology landscape.
The local and state government cybersecurity partnering workshops included:
Five West Virginia statewide workshops in Charleston, Huntington, Sutton (2) and virtual during COVID. The Huntington workshop also included IT and cybersecurity government executives from Ohio and Kentucky. The project partnered with the with the West Virginia Chief Technology Officer, West Virginia Chief Information Security Officer, and the CIO of the West Virginia Secretary of State?s Office in organizing and hosting the West Virginia workshops.
Three Virginia statewide workshops all held in Richmond, Virginia.
Seven regional Virginia workshops which focused on the Northern Neck and Middle Peninsula region and partnering with Caroline County, Essex County (2) and Matthews County; the western part of northern Virginia to the Shenandoah Valley region partnering with City of Leesburg and Town of Purcellville; and the Roanoke region partnering with the County of Roanoke.
The project also organized and hosted two local and state government cybersecurity partnering conferences and conducted interviews of local and state government IT and cybersecurity leaders and local government administrators.
Focus Areas
The project's focus areas included local government cybersecurity governance including cybersecurity policies and risk management; communications across local government, with state and federal governments and insurers, and board engagement; financing; staffing; technology adoption and innovation both for cybersecurity and ramifications of new technologies such as AI; and incident response including role of backups.
The project highlighted the benefits of layering of local, state and federal, and organizations, insurers, such as MS-ISAC (Multi-State Information Sharing and Analysis Center) for local government cybersecurity.
In addition to local government cybersecurity administration, the project also extended to K - 12 and critical infrastructure such as local government owned water utilities.
Last Modified: 08/30/2023
Modified by: Jean Pierre Auffret
Please report errors in award information by writing to: awardsearch@nsf.gov.
