Cyber Secure Local Government – a new program of the CPPC and NASK

Cyber attacks – the scale of the phenomenon

A security survey of local government websites conducted by NASK’s CSIRT team in 2020 has revealed shocking data.Vulnerabilities, including serious bugs, were discovered in more than half of the sites examined. These are increasingly being spotted and exploited by cybercriminals. This is evidenced by the fact that in the second half of 2022 there was a clear upward trend in the number of reports registered by NASK’s CSIRT.

A multifaceted approach to security management is integral to protecting against cyber threats and dealing effectively with security incidents. It requires a full understanding of the potential risks, as well as the provision of effective protective measures.

Information on project

The Project Center for Digital Poland, in cooperation with the National Research Institute NASK, has begun accepting applications under the “Cyber Secure Local Government” program. The project targets more than 2,800. local government units. Municipalities, counties and provinces can get money, among other things. for the development, implementation and certification of information security management procedures, or the purchase, implementation and configuration of systems, equipment and services to enhance cyber security.

The project was created to increase the level of information security of local government units. This is to be done by strengthening resilience, as well as the ability to effectively prevent and respond to incidents in IT systems.

Purpose of the project

Implementation of the task will contribute to, among other things. To:

• Implement or update information security policies,
• Implementation of cyber security risk management measures,
• Implement mechanisms and measures to increase resilience to attacks from cyberspace.

Applications can be submitted between July 19 and September 30, 2023.Each local government can apply for grants in amounts ranging from PLN 200,000 to as much as PLN 850,000. The amount of the grant and the share of own contribution depend on the number of residents and the wealth of the unit (the so-called tax index appropriate for municipalities, counties and provinces).

Significantly, only the wealthiest local governments will be required to provide their own contribution, which totals only about 4 percent for the entire project.Local governments will be able to account under the project for activities carried out between June 1, 2023, and June 30, 2026.

A multifaceted approach to security management is indispensable for protecting against cyber threats and effectively dealing with security incidents. This requires a full understanding of the potential risks and the provision of effective protective measures.

The eAuditor system and cyber security

Information security management in an entity includes a wide range of activities related to both the development and implementation of regulations, policies or procedures. It also requires having relevantproper infrastructurey IT. BTChas been supporting government entities in managing andensuring the security of IT infrastructure. This is made possible by our systems, including. eAuditor and Hyprovision DLP allowing, for example, forremote and mass encryption of internal and USB drives using the Microsoft BitLocker API, blocking the upload of special category data files (based on specific tags) or monitoring running system processes and ports.