Jennifer Kleman

Cybersecurity has become a critical priority for organizations across public and private sectors. Recognizing this need, Cyber Florida has developed the Florida Cyber Risk Assessment (FCRA), a no-cost, confidential cybersecurity risk assessment aligned with NIST Cybersecurity Framework (CSF) 2.0. The FCRA is designed to assist critical infrastructure (CI) organizations in identifying and mitigating cybersecurity risks, complying with best practices outlined in the Florida Cyber Act (Statute 282.318), and building resilience against cyber threats.

What is the Florida Cyber Risk Assessment?

The FCRA is a Florida-specific adaptation of the Cyber Security Evaluation Tool (CSET®) developed by Idaho National Lab. It incorporates 106 NIST CSF questions and 48 Ransomware Readiness Assessment (RRA) questions, providing a structured approach for organizations to strengthen their cybersecurity frameworks. Participants can generate customized reports to enhance their cyber defense strategies and align with legal and regulatory requirements.

Addressing Gaps in Florida’s Critical Infrastructure Sectors

Recent FCRA assessments have revealed significant cybersecurity gaps within Florida’s CI sectors:

• Lack of Response and Recovery Plans: 50% of CI providers lack robust response and recovery plans.
• Weak Authentication Practices: Half of CI organizations do not use Multi-Factor Authentication (MFA).
• Inconsistent Partner Audits: While 39% conduct response planning with third-party providers, only 48% regularly audit these partners’ cybersecurity practices.
• Limited Training Programs: 49% lack formal cybersecurity training programs beyond basic awareness.
• Unclear Management Responsibilities: Nearly half of providers do not have assigned cyber-management responsibilities, with 49% lacking a Chief Information Security Officer (CISO).
• Infrequent Incident Response Exercises: Only 48% of organizations conduct biannual incident response tabletop exercises.
• Undefined Risk Tolerance: Just 53% of CI providers have clearly defined their risk tolerance, highlighting a critical gap in risk management strategies.

Enhancements and Tools to Support Cybersecurity

To address these challenges, Cyber Florida has implemented or is developing several tools and initiatives:

• Entry and Mid-Level Assessments:
  • A 20-question entry-level assessment evaluates organizations’ protections based on the top 20 areas of concern.
  • A 38-question mid-level assessment measures cybersecurity maturity against CISA Cybersecurity Performance Goals (CPGs).
• Maturity Modeling: A maturity index based on the Multi-State Information Sharing and Analysis Center (MS-ISAC) template helps organizations benchmark their cybersecurity practices.
• AI-Driven Resource Mapping Tool: In development, this innovative tool generates summaries from NIST 800-53 for all 106 CSF questions. Users will be able to efficiently create comprehensive cyber plans, including governance, incident response, and recovery plans.
• Workshops: A series of cybersecurity presentations aimed at raising awareness and educating CI organizations in both the public and private sectors.

New Tools and 2025 Initiatives

Cyber Florida continues to innovate and expand its efforts to enhance cybersecurity across the state. Notable initiatives include:

• Florida CI Mapping Pilot Project (Cyber-Bulls-I): A first-in-the-nation resource to help CI sectors address cyber risks, meet legal requirements, and build future compliance capacity. This tool provides risk reduction resources tailored to Florida’s sectors, risks, needs, and vulnerabilities.
• Enterprise Data Management Platform: A forthcoming platform designed to identify grant, research and development, and policy opportunities for Florida’s CI sectors.
• Visualization and Dashboard Tools: New tools for state leadership to monitor and address cybersecurity challenges effectively.
• Workforce Development Initiatives: These include a new mapping tool to support small business and defense industry growth.

The Path Forward

With its comprehensive approach and cutting-edge tools, the Florida Cyber Risk Assessment is paving the way for a stronger cybersecurity posture across Florida’s critical infrastructure sectors. Organizations adopting the FCRA’s recommendations and utilizing its resources will be better equipped to protect themselves against evolving cyber threats and ensure compliance with industry standards and legal mandates.

Cyber Florida remains committed to fostering a secure, resilient, and innovative cyber environment for Florida. For more information or to participate in the FCRA, visit https://cyberflorida.org/cip/ today.

Cyber Florida at USF’s Security Operations and Cybersecurity Apprenticeship Program (SOCAP) employs up to 10 students each semester, with opportunities for students to remain in the program for multiple terms. Through this innovative program, SOCAP interns gain hands-on experience addressing real cybersecurity issues for various clients, effectively extending the capabilities of client IT teams.

Managed by Ryan Irving and Duy Dao, SOCAP gives students valuable exposure to the day-to-day operations of a security operations center. Leveraging tools like Microsoft Defender, Crowdstrike, Stamus Networks, MS-ISAC Albert, Recorded Future, Magnet Forensics, Belkasoft Forensics, Volexity, and more, Irving assigns work tickets—real security alerts or issues—that need investigation. Each day, students select or are assigned tickets from the system, allowing them to work on current cybersecurity tasks and engage in practical problem-solving.

The University of South Florida (USF) Information Technology (IT) Department is among the clients benefiting significantly from SOCAP’s services. “The SOCAP partnership with USF IT is fantastic,” says Irving. “Students aren’t just performing real cybersecurity tasks; they’re actively improving the security of the university’s IT infrastructure while honing their skills in a real-world environment.”

In addition to ticket-based troubleshooting, SOCAP students take on proactive threat-hunting roles, scouring resources to detect potential indicators of compromise and preparing threat advisories for Cyber Florida’s threat room page on its website.

SOCAP students like Alessandro Lovadina, Erika Delvalle, and Ben Price bring diverse skills and interests, creating a collaborative team environment.

Lovadina is passionate about coding projects, like building web applications. “With AI, cybersecurity is crucial; all students should learn the basics of cybersecurity,” he notes.

Delvalle finds excitement in threat-hunting tickets. “It never gets boring,” she says. “You’re always learning something new.”

Price enjoys challenging issues that expand his research skills and expertise. “It’s fulfilling; it’s important,” he says.

SOCAP students have the freedom to conduct their own research and troubleshoot using open-source information and reliable online resources. The program’s hybrid format allows students to work both in-office and remotely, providing a dynamic environment that complements their class schedules. This flexibility gives SOCAP interns a comprehensive view of security operations and invaluable career experience.

Irving also incorporates regular training exercises in collaboration with the USF IT team. “Monthly simulated events allow students and staff to practice incident response skills together,” he says. “We invite USF IT to join these sessions, so that we can learn and improve our response capabilities as a team.”

Dennis Guillette, Director and Security Architect of USF IT, expressed his appreciation for SOCAP students’ contributions to the university’s cybersecurity efforts. “I would like to extend my deepest gratitude to the SOCAP students for their outstanding hard work and dedication. Their impressive technical knowledge and exceptional troubleshooting skills have been invaluable to our security posture. Their commitment to excellence and ability to tackle complex security challenges have significantly strengthened us. Thank you for setting a high standard of professionalism and expertise.”

Cyber Florida’s SOCAP internship program at USF continues to be a valuable resource for students and the university alike, advancing cybersecurity skills and bolstering the state’s defenses. It serves as a model for other schools.