In this final installment of our National Preparedness Month series, we’ll examine how state and local government agencies can operationalize preparedness and measure resilience in their cyber-physical systems (CPS). As recent attacks have demonstrated, the threat landscape for the public sector continues to intensify, requiring a structured approach to preparedness that extends beyond cybersecurity awareness to protection of critical infrastructure.
Throughout this series, we’ve established three foundational principles:
Preparedness must be woven into the fabric of critical infrastructure
Synthesizing cyber-physical risk signals creates actionable insights
Resilience emerges from preparedness and is upheld by appropriately trained teams
For public sector leaders, National Preparedness Month isn’t just an annual observance. It’s a crucial reminder that the systems controlling physical infrastructure such as water, electricity, transportation, and public safety face unprecedented digital challenges and threats. The consequences of not being prepared can range from potential public safety emergencies to disruption of essential services.
Through 2024 and 2025, a troubling pattern of cyberattacks targeting state, local, and educational (SLED) organizations has emerged. Among them:
The state of Nevada has reported a 300% increase in cyberattacks after an August ransomware incident took down several state websites
In the Orleans Parish of New Orleans, Louisiana, a cyberattack left the sheriff’s civil system offline for 15 days, which had a cascading effect on court operations
Officials in Waxhaw, North Carolina reported a cyberattack that targeted local government systems and impacted some services.
A public school system in Michigan was the victim of a targeted cyberattack that forced the district to suspend classes for a few days.
Over a 29-day period, there was approximately one attack every six days. Public sector leaders should take note of the alarming frequency of these incidents, and use this data as a measuring stick for their own preparedness programs.
For SLED organizations responsible for critical infrastructure, this rapid cadence of attacks demands a framework that:
Identifies all critical exposure points in CPS
Measures potential service impact on public safety
Estimates time-to-harm for various attack scenarios
Prioritizes remediation based on real-world risk, not just technical impacts
A great way to gauge the cyber-physical risk posture and exposure levels is through a process known as continuous threat and exposure management (CTEM).
Coined by Gartner in 2022, CTEM outlines a process for defining critical assets and systems within an organization’s operating environment, estimating vulnerabilities and attack surfaces per asset, and then ranking each vulnerability in terms of exploitability and likelihood. This structured approach aligns well with National Preparedness Month objectives.
CISA’s catalog of known exploited vulnerabilities (KEV) is designed to help organizations clearly see the signals through the noise, helping teams identify which vulnerabilities are actively being exploited. Armed with this knowledge, teams can route the highest-impact exposures into governance workflows with defined owners and deadlines.
The most critical element in protecting public sector CPS is context. More specifically, it’s about understanding what specific impacts a system failure would have on public safety and services.
One example would be a vulnerability in a water treatment plant’s control system. This isn’t just a technical issue—it could potentially affect the drinking water supply for thousands of people or more. Similarly, a compromise of a dispatch system for law enforcement or fire rescue could have far-reaching consequences.
This contextual understanding takes cyber risks and translates them into real-world concerns that should resonate with public sector leaders and decision-makers. All told, it’s the difference between simply patching vulnerabilities and ensuring emergency services are still available during an incident.
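The prioritization described above, as an added Python example (not from the original article and not Claroty Platform code): exposures are ranked by service impact and time-to-harm, with KEV membership as the active-exploitation signal, and each one gets an owner and a deadline. The inventory, the placeholder CVE IDs, the scoring weights and the 30/90-day deadlines are assumptions constructed for illustration; only the `cveID` and `dueDate` field names follow the KEV catalog.

```python
from datetime import date, timedelta

# Constructed entries using the KEV catalog's cveID/dueDate field names.
# The CVE IDs are placeholders, not real vulnerabilities.
KEV_ENTRIES = [{"cveID": "CVE-0000-0001", "dueDate": "2025-10-01"},
               {"cveID": "CVE-0000-0003", "dueDate": "2025-10-20"}]

# Constructed inventory. service_impact (1-5) and time_to_harm_hours are
# assumed fields an agency would fill in from its own impact analysis.
EXPOSURES = [
    {"asset": "water-plant-plc", "cve": "CVE-0000-0001", "owner": "utilities-ot",
     "service_impact": 5, "time_to_harm_hours": 4},
    {"asset": "dispatch-cad-server", "cve": "CVE-0000-0002", "owner": "public-safety-it",
     "service_impact": 5, "time_to_harm_hours": 1},
    {"asset": "parks-kiosk", "cve": "CVE-0000-0003", "owner": "facilities",
     "service_impact": 1, "time_to_harm_hours": 720},
    {"asset": "traffic-signal-ctrl", "cve": "CVE-0000-0004", "owner": "transportation",
     "service_impact": 3, "time_to_harm_hours": 48},
]

def score(exp, kev):
    """Service impact weighted by urgency, doubled when the CVE is in KEV (assumed weights)."""
    urgency = 1.0 / (1.0 + exp["time_to_harm_hours"] / 24.0)  # approaches 1.0 as harm nears
    exploited = 2.0 if exp["cve"] in kev else 1.0
    return round(exp["service_impact"] * (1.0 + urgency) * exploited, 2)

def deadline(exp, kev, today):
    """KEV due date when listed; otherwise an assumed 30- or 90-day target by impact."""
    if exp["cve"] in kev:
        return date.fromisoformat(kev[exp["cve"]]["dueDate"])
    return today + timedelta(days=30 if exp["service_impact"] >= 4 else 90)

def build_queue(exposures, kev_entries, today):
    """Return remediation tickets ordered by descending risk score."""
    kev = {e["cveID"]: e for e in kev_entries}
    tickets = [{"asset": e["asset"], "cve": e["cve"], "owner": e["owner"],
                "in_kev": e["cve"] in kev, "score": score(e, kev),
                "due": deadline(e, kev, today)} for e in exposures]
    return sorted(tickets, key=lambda t: (-t["score"], t["due"]))

if __name__ == "__main__":
    for t in build_queue(EXPOSURES, KEV_ENTRIES, date(2025, 9, 15)):
        print(f'{t["score"]:>6} {t["asset"]:<20} {t["cve"]} '
              f'owner={t["owner"]} due={t["due"]} kev={t["in_kev"]}')
```

In this constructed data the KEV-listed kiosk lands last and the unlisted dispatch server lands second, which is the effect of ranking on service context rather than on the exploitation signal alone.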
SLED organizations face unique challenges in protecting CPS. The issues can easily be compounded if the right solution isn’t in place. That solution should be tailored to the demands of a CPS environment, far-removed from an IT-
The Claroty Platform is ideal for public sector organizations looking to secure their CPS against an intensifying threat landscape by:
Automatically discovering assets across operational technology (OT) and CPS environments
Tying technical exposures to business impact, and routing risk items into governance workflows for timely treatment
Surfacing CPS asset vulnerabilities that are out of sight using continuous threat detection (CTD)
Monitoring communication paths between critical assets and zones, and providing alerts for anomalies that could indicate compromise
Providing deep reporting capabilities that demonstrate preparedness posture to leadership, elected officials, and the general public.
With cyber incidents occurring approximately once every six days across state and local government, the importance of preparedness for cyber resilience cannot be overstated. For SLED organizations, National Preparedness Month serves as a key reminder that protecting CPS requires both tenacity and a structured approach.
By adopting a CTEM approach powered by the Claroty Platform, organizations can transform preparedness into practice that serves their communities and keeps the public safe.
To learn more about how adopting the Claroty Platform can help with the development of cyber-physical risk management practices, schedule a demo with one of our experts.