The State of Tennessee recently sent out the following letter regarding cybersecurity risk assessments being offered at no cost. If you have any questions, please contact ncsr@tn.gov.
May 2, 2023
Dear Tennessee Leaders of Counties, Cities, Local Jurisdictions, and Other Entities,
Are you concerned about your organization’s cybersecurity risk? We are, too. Do you want to better understand your risk but don’t know how to get started? We want to help, at no direct cost to you.
The State of Tennessee is participating in the National Cyber Security Review (NCSR) Assessment, and we need your assistance. This project is sponsored by the state’s Cyber Security Advisory Council and led by Strategic Technology Solutions (STS) within the Tennessee Department of Finance and Administration.
The National Cyber Security Review (NCSR)
The NCSR is an assessment designed to measure potential cybersecurity gaps and capabilities of all branches of state government, counties, cities, local jurisdictions, and other entities. The assessment’s goal is to assess opportunities for improvement and identify significant risks or gaps to protect our citizens and safeguard data. The benefits of implementing this assessment include increased awareness, risk mitigation, and enhanced communication regarding cyber safeguards.
Why the NCSR Assessment Matters to Your Constituents
In Tennessee, we depend on the internet and cyberspace for daily conveniences, critical services, and economic prosperity. The STS Cybersecurity team works with key federal, state, and local government partners to identify and manage cybersecurity risks. STS will work directly with our selected partner, Deloitte, on the National Cyber Security Review for approximately 1,300 counties, cities, local jurisdictions, and other entities within Tennessee. The completion of the NCSR assessment is required to receive Homeland Security and Cybersecurity and Infrastructure Security Agency (CISA) grants. In addition, we are encouraging each entity to become a member of the Multi-State Information and Sharing Analysis Center (MS-ISAC) to improve communications and collaboration. There is no cost to participate; this initiative is funded using our state’s ARPA funding.
Reducing our statewide cybersecurity risk requires an innovative approach that fully leverages our collective capabilities and the entire cybersecurity community. STS will engage with key partners to collectively address cyber education, vulnerabilities, threats, and consequences. All counties, cities, and other jurisdictions within Tennessee are encouraged to participate in the NCSR assessment. The assessment includes roughly 140 questions related to IT and security and should take an average of 4 to 8 manhours to complete. Our partner, Deloitte, will walk through the questions with each entity. The assessment results will only be shared with CISA and MS-ISAC. Through these efforts, we seek to create a safe and secure cyberspace for Tennessee businesses, citizens, and employees, as well as safeguard the state’s data and your data to remain interoperable, secure, and resilient.
We appreciate your support and will reach out soon regarding next steps on this important initiative. If you have questions, please contact ncsr@tn.gov.
Sincerely,
