Are you a Michigan Public Entity Concerned about Cybersecurity?

May 14, 2021

Do you know most cybersecurity breaches are financially motivated, perpetrated by external actors, feature hacking, and involve malware?   Public entities are specifically targeted for ransomware attacks since they provide services to the public, resulting in additional pressure to pay the ransom.  In addition, many times, public entities have lower levels of cybersecurity than other organizations.  Even if your entity refuses to pay the ransom, the combination of lost or delayed revenue and costs to restore the systems can run into the millions.

Due to increased attacks and the sophistication of the attacks, the State of Michigan, through the Michigan Cyber Partners, identified a need to provide Michigan public entities with a low-cost, consistent method to assess their cyber maturity and guide the improvement of their cybersecurity posture.  The program available through MiDEAL focuses on providing an assessment based upon the Center for Internet Security (CIS) CSAT system to help organizations assess their security maturity level.

Dewpoint (pre-approved contract vendor) works in conjunction with the public entity to provide the following:

• On-site or remote cybersecurity assessment to determine your current security posture against the CIS controls
• A vulnerability report and next steps based on the assessment findings to reduce risk exposure
• An actionable roadmap with a prioritized list of items to be completed within the next 12 months
• Review and verify that your entity has an effective basic cyber incident response plan
• Monthly coaching and discussion sessions to review the progress against the actionable plan and discuss new concerns
• At the end of the initial 12-month period, a final report comparing the initial findings with the improved maturity levels due to with progress of resolution actions along with any outstanding items

Case Study – Cybersecurity Assessment

The client requested an independent cybersecurity assessment focusing on the following goals:

• Identify and validate critical gaps in their IT security program and recommend steps for improvements or recommendations
• Provide a cybersecurity roadmap for the next fiscal year
• Establish key performance indicators (KPIs) for monthly tracking and reporting
• Validate current security tools

Client benefits as a result of the assessment:

• An independent review assessment providing an outside view of current the current security posture
• Recommendations for short- and long-term planning, including a roadmap
• Identified and prioritized recommendations to address critical areas to improve their security posture immediately

As a Michigan headquartered IT company with a long history of providing services to local and state government, we provide experienced, certified security consultants to take a holistic view of your environment.  Dewpoint understands the ever-changing cybersecurity environment and, under the MiDEAL program, provides a cost-effective solution to protect your entity.  Learn more about the MiDEAL Cybersecurity assessment program.