Cyber Preparedness Unit

HOME

Header image of a circuit board overlaid with the logo of the Cyber Preparedness Unit  


The Cyberpreparedness Unit (CPU) is MDEM's lead program for advancing the readiness of all Marylanders for an ever-increasing variety of potential cyberattacks, threats, and disruptions. Established under Md. Code Public Safety §14-104.1, the CPU assists in maturing Maryland's cybersecurity posture through the development of cyber preparedness activities.

We're proud to be working with some excellent partners in this effort:

  • Office of Security Management (OSM) - Maryland Department of Information Technology (DoIT)
    The OSM is responsible for the direction, coordination, and implementation of the overall cybersecurity strategy and policy for units of State government. For more information about DoIT and the OSM, click here.
  • MDEM State Continuity Unit
    The MDEM State Continuity Unit can provide technical assistance with COOP planning and overall Continuity of Operations Program Management. If you would like to request assistance from the State Continuity Unit, please contact Danielle Notargiacomo (danielle.notargiacomo@maryland.gov) or continuity.mdem@maryland.gov.



How Can We Help?



The CPU aims to be a reliable partner for Emergency Management and Cybersecurity professionals and provide cyber resources, specialized planning and operational assistance, training, and collaboration opportunities to better prepare the Maryland community for cyber disruptions. We've got resources to help at any level, from individuals to whole organizations.


Easy Cyber Safety for Individuals

Cyber actors can operate from anywhere, and pose threats to both cyberspace itself and the physical systems (e.g., computers, networking infrastructure, servers, etc.) that enable it. Their attacks can lead to loss of money, theft of personal information, and damage to your reputation and safety.

All of that makes it extra important to maintain good everyday "cyber hygiene." Get started with these basic tips:

1.  Use strong passwords - they should be complex, use a variety of characters, and be different for each account. Use your device's password manager to help securely keep track of them.

2.  Regularly update your software via a trusted official source - regular updates help ensure that your device is always protected against the most current set of known threats.

3.  Turn on multi-factor authentication - requiring an additional type of verification (e.g., phone call, fingerprint, authenticator app, etc.) adds an extra layer of protection from those who might try to impersonate you online.

4.  Avoid suspicious links - think before you click! Be wary of any link sent to you by someone you don't normally receive them from - especially senders who appear to be businesses. Many scammers pretend to be a company you know or have an account with, and use that connection to convince you to click on links leading to viruses or malware. If you're ever unsure, contact the sender via a different method and ask if it really was them who sent the link.

5.  Create and maintain a cyber preparedness plan - Even when you do everything right, you may not be able to prevent all cyberattacks. Make sure to plan for what you'll do in the event of a successful cyberattack, so you'll be able to respond calmly and quickly to minimize the damage.

                                   

Cyberpreparedness Resources

         

Cyber Threat Preparedness & Mitigation

Cybersecurity and Infrastructure Security Agency Known Exploited Vulnerabilities Catalog
CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild: the Known Exploited Vulnerability (KEV) catalog. CISA strongly recommends all organizations review and monitor the KEV catalog and prioritize remediation of the listed vulnerabilities to reduce the likelihood of compromise by known threat actors.

                                


Education & Training

Custom Training from MDEM Available (click to request)
The CPU's State and Local Cyber Preparedness Programs can provide guidance on how to fold a Cyber Specific Annex into your entity's Emergency Operations Plan; and provide an overview of cyber preparedness, network mapping, Mission Essential Functions (MEFS) and Primary Mission Essential Functions (PMEFS), the flow of cyber attacks, cyber-incident response, and cyber response considerations during cyber disruption planning, etc.                              

Cybersecurity and Infrastructure Security Agency Web-Based CISA Training
The CISA website provides training programs in online, independent, and/or instructor-led formats.                              

The Maryland Information Sharing and Analysis Center (MD-ISAC)
Housed within the Office of Security Management at the Maryland Department of Information Technology, it is a resource similar to the MS-ISAC, but it is specific to Maryland and is a platform where Maryland governments can share threat information and stay ahead of cyber criminals.  
                 

National Initiative for Cybersecurity Careers and Studies (NICCS) Education and Training Catalog
This webpage provides cybersecurity education and training information by topic including: the Federal Virtual Training Environment (FedVTE) and cybersecurity training for students, veterans, and teachers.                              

FedVTE Incident Response and Awareness Training
FedVTE provides free of charge training on cybersecurity basics, cyber risk management, ransomware attacks, etc.                              

Texas A&M Engineering Extension Service (TEEX)
An internationally recognized leader in emergency response training, workforce training and technical assistance. TEEX also hosts the National Cybersecurity Preparedness Consortium- Web which is a list of cyber preparedness training. The consortium sits within the Cyber Readiness Center which is a premier provider of cybersecurity training and technical assistance services.            
                                



Exercises

Custom Exercises from MDEM Available (click to request)
The CPU State and Local Cyber Preparedness Programs can provide assistance testing your entity's cyber plans and response capabilities by engaging your team members in a hypothetical incident response. Exercises are tailored to fit the needs of your entity.

                                



Legal & Regulatory Resources

Maryland Local Cybersecurity Support Act of 2022
Synopsis: Establishing the Cyber Preparedness Unit in the Maryland Department of Emergency Management; establishing certain responsibilities of the Unit; requiring local governments to report certain cybersecurity incidents in a certain manner and under certain circumstances; requiring the State Security Operations Center to notify appropriate agencies of a cybersecurity incident in a certain manner; establishing the Office of Security Management within the Department of Information Technology and certain Office positions; etc.                 

Modernize Maryland Act of 2022
Synopsis: Requires a public or private water or sewer system that serves 10,000 or more users and receives financial assistance from the State to, on or before a certain date, assess its vulnerability to a cyber attack, develop a cybersecurity plan if appropriate, and submit a certain report to the General Assembly; authorizing the Maryland Water Quality Financing Administration to provide financial assistance to a public water or wastewater system to assess system cybersecurity vulnerabilities and develop a cybersecurity plan; etc.
                 

National Cybersecurity Strategy 
Read the National Cybersecurity Strategy created by the Biden-Harris administration in March 2023.                 

Privacy Impact Assessment (PIA)
When managing data breaches it's important to consider how your breach may affect others. The PIA is a tool that can assist governments in their strategic privacy practices including investigating compromise and notify affected parties.
                 

State Government - Cybersecurity - Coordination and State Government (SB 812)
Synopsis: Establishes the Office of Security Management within the Department of Information Technology; establishing the Maryland Cybersecurity Coordinating Council; requiring certain IT units to certify compliance with certain cybersecurity standards; requiring each unit of the Executive Branch of State government and certain local entities to report certain cybersecurity incidents in a certain manner; requiring the Department of General Services to establish certain basic security requirements in be included in certain contracts; etc.                 


                 



Planning Resources

Cyber Annex Checklist
The primary purpose of a Cybersecurity Annex is to establish a standardized, flexible, and scalable foundation to prepare for, and respond to a cyber threat or attack. The identified tasks within this hazard sheet are meant to be a starting point to help you create a cyber annex to existing plans.                 

Volunteer Intake Form
A usable, downloadable PDF template designed by MDEM.                 

FEMA Incident Command System Forms
This resource contains links to fillable and printable Incident Command System (ICS) forms, as well as the forms' instructional booklet.
                               



General Purpose Resources & Guidance

Cybersecurity and Infrastructure Security Agency (CISA) Cyber Resources
The Cybersecurity and Infrastructure Security Agency offers a range of cybersecurity assessments that evaluate operational resilience, cybersecurity practices, organizational management of external dependencies, and other key elements of a robust and resilient cyber framework.                 

CISA News Alerts​
Click to sign up for news, updates, and alerts from CISA.                 

Dept. of Education Protecting Student Privacy (K-12 Institutions)
The Department of Education provides guidance and best practice for the K-12 community to use to enhance the security of their information systems.
                 

Federal Student Aid (FSA) Office Cybersecurity Page 
The FSA has compiled cybersecurity guidance and compliance information for higher education institutions.
                 


                 



Agencies to Know

Cybersecurity and Infrastructure Security Agency (CISA) Topics

CISA is the United States Cyber Defense Agency. They lead the national effort to understand, manage, and reduce risk to our critical infrastructure.                 

Federal Emergency Management Agency (FEMA)
FEMA supports citizens and emergency personnel to build, sustain, and improve the nation's capability to prepare for, protect against, respond to, recover from, and mitigate all hazards. FEMA oversees federal grant programs, such as the SLCGP, that help State's strengthen their cybersecurity posture. The agency also provides training opportunities on a variety of preparedness topics through their website: Ready.gov. To find their information on cybersecurity preparedness, click here.
                 

Maryland Department of Emergency Management (MDEM)
MDEM is a national leader in emergency management that provides Maryland residents, organizations, and emergency management partners with expert information, programmatic activities, and leadership in the delivery of financial, technical and physical resources “to shape a resilient Maryland where communities thrive.” We do this by being Mar​yland's designated source of official risk reduction and consequence management information.

The Cyber Preparedness Unit sits under the MDEM Preparedness Branch within the Consequence Management Directorate. The Preparedness Branch produces consequence management plans and involves stakeholders in emergency​ management planning efforts, develops and conducts training programs and exercises for state, local, federal, and private sector partners, and incorporates the State of Maryland’s federally-mandated Radiological Emergency Preparedness Program.
                 

Maryland Department of Information Technology (DoIT)
The Department of Information Technology was created by 2008 legislation in an effort to consolidate state agency information technology functions and policies into one department; elevating the department to one that reports directly to the Governor.

DoITs mission is to provide vital technology solutions that allow the Executive Branch, State Agencies, and Coordinating Offices to provide Marylanders with services that enable them to live and work more safely, efficiently and productively.​
                 

Maryl
                 

and Department of Commerce
The state's primary economic development agency, that stimulates private investment and create jobs by attracting new businesses, encouraging the expansion and retention of existing companies, and providing workforce training and financial assistance to Maryland companies.

The Department also promotes the state's many economic advantages and markets local products and services at home and abroad to spur economic development and international investment, trade and tourism.
                 





But that's not all - the CPU also maintains a slate of its own customizable programs and services, to help get to the cybersecurity solution that best fits you or your organization.


Our Programs

Local Cyber Preparedness Program
Specializes in developing and exercising preparedness plans designed to meet the unique needs of local entities.

For a full list of this program's functions and the support they can provide to local jurisdictions (including schools and health departments), please email: cyberpreparedness.mdem@maryland.gov


State Cyber Preparedness Program
This program is designed to assist State agencies with developing and exercising their cyber preparedness plans.

If you are a representative for a state agency interested in partnering with the Cyber Preparedness Unit, please email:
cyberpreparedness.mdem@maryland.gov


Risk Management and Assessment Program

This program’s primary function is the development and maintenance of MDEM’s own internal Risk Management Framework to increase systemic & operational resilience through the review and implementation of security controls, privacy controls, and supply chain management controls.

Additional functions of this program can include assistance to local and state agencies with projects like determining their risk appetite by conducting risk assessments and operational analyses, or linking state and local resources to available technological resources

If you would like more information on this program, please email:
cyberpreparedness.mdem@maryland.gov​


Grant Management Program

The CPU's Grant Manager will oversee funding opportunities related to cybersecurity from both Maryland and federal sources. These opportunities are meant to provide eligible entities with funding to address their cybersecurity maturity.

For a full list of funding opportunities, click here.


Available Services

The CPU aims to be a reliable partner for Emergency Management and Cybersecurity professionals and provide cyber resources, specialized planning and operational assistance, training, and collaboration opportunities to better prepare the Maryland community for cyber disruptions.

To support that mission, our services include...

  • Planning assistance to help with folding a Cyber Specific Annex into your Emergency Operations Plan.

  • Assisting incident response activities by advising command on contingency + coordination actions.

  • Connecting emergency management + cybersecurity personnel within Maryland to develop/exercise cyber incident coordination plans.

  • Assisting your agency or jurisdiction with incorporating cyber incidents into all-hazard preparedness and planning.

  • Supporting cyber incident preparedness and response activities to include: operational coordination and communication, planning, training, and exercising.

  • Promotion and management of funding opportunities related to increasing cyber maturity.

  • Providing a high-level overview of cyber preparedness, network mapping, Mission Essential Functions (MEFS) and Primary Mission Essential Functions (PMEFS), the flow of cyber attacks, cyber-incident response, and cyber response considerations during cyber disruption planning.




Request CPU Assistance
Explore Funding Opportunities

​​​​​