As the digital landscape grows more complex, the threats facing state and local governments have multiplied. Traditional cybersecurity measures alone may not be sufficient to protect sensitive information from a broad array of cyber threats. To help manage these risks, the U.S. Department of Homeland Security (DHS) has allocated nearly $280 million through the Fiscal Year 2024 State and Local Cybersecurity Grant Program (SLCGP). This funding is designed to empower states and territories to bolster their cybersecurity programs, equipping them to identify vulnerabilities, detect emerging threats, and respond more effectively to incidents.
Several of our State and Local government customers have leveraged the SLCGP program to implement a digital risk program to protect their and their constituent's infrastructure. One State surveyed its municipal partners and found that the majority were looking for dark web visibility and digital risk support.
Digital Risk Protection provides state cybersecurity teams with deeper insights into external threats by monitoring illicit online spaces where threat actors often exchange or sell stolen data, discuss vulnerabilities, and share tactics.
The dark web, a part of the internet not indexed by traditional search engines, is a notorious hotspot for cybercriminal activities. From compromised credentials to discussions of vulnerabilities in public sector systems, the dark web and related forums offer early warning signs of impending threats. Digital risk monitoring expands this approach by scanning a broader range of sources across the surface web, social media, and dark web to identify digital risks relevant to organizations.
By implementing these capabilities, states can move from a reactive cybersecurity posture to a proactive one. Dark web monitoring can alert officials when government-related information, such as employee credentials or sensitive government data, appears on underground sites. This early detection enables faster, more targeted responses, helping to mitigate the damage from potential breaches.
Recently some of our state partners have utilized these capabilities to assist in securing their election assets.
The FY 2024 SLCGP prioritizes strategic investments in cybersecurity resilience, making dark web and digital risk monitoring an ideal fit for grant-funded projects. Under the grant, states must enhance their cyber defenses through investments aligned with objectives like improving governance, understanding cyber posture, and implementing security measures proportionate to risk. Dark web monitoring aligns with these objectives by providing intelligence to inform risk assessments and prioritizing protections against the most pressing threats.
1. Developing Investment Justifications (IJ) for Dark Web Monitoring
To access funding for dark web monitoring through the SLCGP, states need to submit a comprehensive Investment Justification (IJ) for their proposed projects. This document must demonstrate how dark web monitoring aligns with the state’s cybersecurity plan, objectives, and risk assessments. The IJ should outline the anticipated benefits of these services, such as enhanced visibility into cyber threats, reduced credential theft, and rapid response to exposed government data on illicit sites.
2. Implementing and Maintaining Monitoring Services
Once approved, states can begin onboarding dark web monitoring providers, typically offering ongoing scans for state-specific data and real-time alerts for compromised information. We have had the most success with the program when collaborating closely with the state’s Chief Information Security Officer (CISO).
3. Training and Response Development
Part of the SLCGP funding can also be directed toward training for cybersecurity teams, enabling them to interpret and act on the intelligence derived from dark web monitoring. This training can enhance state employees’ ability to respond quickly to compromised data and integrate threat intelligence into their daily risk management practices. Some GroupSense SLED customers have leveraged the program to provide cyber intelligence program development to improve their existing digital risk efforts.
Dark web and digital risk monitoring provide several key advantages for state and local governments, including:
• Early Threat Detection: Real-time alerts allow cybersecurity teams to detect potential threats before they escalate, providing valuable time to prevent or contain attacks.
• Enhanced Situational Awareness: Monitoring services help cybersecurity teams understand the larger threat landscape, including vulnerabilities in neighboring jurisdictions that could impact their state.
• Informed Decision-Making: With visibility into dark web activities, states can make informed decisions about resource allocation and prioritize threats that pose the highest risk to their operations and constituents.
The FY 2024 SLCGP provides a unique opportunity for states to strengthen their cybersecurity measures by integrating dark web and digital risk monitoring into their defensive strategies. This proactive approach allows state governments to stay one step ahead of cybercriminals, reducing the potential for data breaches and other costly cyber incidents. By making this investment, states can protect the critical systems that citizens depend on daily, safeguarding sensitive data and enhancing public trust in state cybersecurity measures.
Click Here to Talk to a GroupSense professional about how GroupSense's DRPS Digital Risk Solution and Dark Web Monitoring are helping state and local governments build and sustain outcome-driven programs using SLCGP.