Cybersecurity is a team effort in Colorado. Our Whole of State work is focused on reducing the time, talent and resources needed for local governments and critical infrastructure partners to build and maintain strong cybersecurity programs that improve the overall strength of our ecosystem as a state.
Colorado’s Whole of State effort is truly that – a whole of state effort. As a result, we work with partners across the state to offer support for a wide variety of needs. If you have any questions about the following resources, please don’t hesitate to contact our cyber team through our cyber team email.
Colorado Stakeholder Groups
We want our Whole of State efforts to be as responsive to local government and critical infrastructure needs as possible and are engaged with two distinct stakeholder groups. Each group focuses on various aspects of how to make our communities stronger.
Governor’s Cybersecurity Council
The Governor’s Cybersecurity Council is dedicated to improving the coordination and collaboration between state agencies and our local and critical infrastructure partners. The council works to best leverage our state resources and ensure the continued security of our state and local systems and networks.
HSAC Cybersecurity Advisory Committee
The HSAC Cybersecurity Advisory Committee is made up of a diverse group of local jurisdictions (different sizes and geographic representation), critical infrastructure partners, state agency partners and education partners. This group works together to identify challenges and opportunities that face a variety of entities across Colorado, developing plans and strategies for addressing those issues.
Support and Resources
CIAC Cyber Unit Support
The CIAC’s cyber unit is part of the Colorado Information Analysis Center, which focuses on fostering information sharing around cyber threats and best practices. Our core services include the following:
- Incident Response Support
- If you think you have an incident, our team can work with you to walk through the steps to contain the threat and support the investigation around the incident.
- We can also work with your team to help build out an incident response plan, and practice it, so your organization is prepared to respond in case there is an incident.
- Vulnerability assessments
- Our team conducts free vulnerability assessments that focus on identifying how your organization appears publicly and what vulnerabilities may exist on that public-facing front.
- This assessment can also include a review of steps to reduce your organization’s vulnerability to email spoofing.
- Information sharing
- We help facilitate and host the Colorado Threat Information Sharing network and offer ongoing information and best practice sharing across all critical sectors.
- Tabletop Exercise support
- If you are interested in hosting a tabletop exercise to assess various aspects of your cybersecurity program, our team is happy to support setting it up and running through it with you.
- Civilian Cyber Reserve Coordination
- We are building out a plan for a cyber reserve – more to come by end of 2022.
CTIS
In Colorado, we leverage many different resources to meet the growing demands of those working to support cybersecurity for their organizations. One of the most critical resources is a network for information and threat sharing, and community collaboration, through the Colorado Threat Information Sharing (CTIS) network.
CTIS is meant for professionals charged with supporting cybersecurity in their organization. We break out different work groups for members to participate in so that users can further focus the information they get that pertains to them. CTIS is not a duplicative effort. We recognize that many local governments and critical infrastructure partners already get regular updates on national-level threats and trends.
CTIS is meant to accelerate information sharing that is local to Colorado jurisdictions and in real-time so that we can all improve our time to secure against potential threats.
Learn more by visiting the CIAC’s Cyber Program site.
MS-ISAC
If you are not yet a member of the Multi-State ISAC and are a public entity, please consider signing up to participate. Not only will that grant you immediate access to CTIS, but being a member opens your organization up to several free resources to support your program.
CISA
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) offers additional free tools and resources to all types of organizations.
Secretary of State
The Secretary of State’s (SOS) office supports cybersecurity efforts for elections. Please visit the SOS website for information and resources.
National Cybersecurity Center
The National Cybersecurity Center is a non-profit based in Colorado Springs dedicated to supporting the cyber workforce gap and improving education and awareness in Colorado.
- Webinars and Education
- Check out the center's calendar of regular webinars, as well as learn about access to the Colorado Cyber Range.
- Policy Templates
- Access incident response templates, as well as other policy-related templates to build out your cyber program.
- Crown Jewels Assessment
- Learn more about how to identify your critical cyber assets with the crown jewels assessment.
- PISCES
- If your organization does not have network monitoring support, and you want to help train up the next generation of cyber talent in Colorado, then consider joining PISCES.
- It is free and helps provide another layer of support to local governments in Colorado.