October is National Cyber Security Awareness Month. Start your awareness journey now. START 
Skip to main content

What to Know About Allocating CARES Act Funding for Cybersecurity Initiatives

COVID-19 provided the public and private sectors with a crash course in remote work. Regardless of their approach to remote or distributed work before the pandemic, organizations, including governments and schools, had to stand up a fully remote workforce in a matter of days. Those tasked with making the switch found themselves forced to face and tackle new and unfamiliar obstacles.

They also learned what it takes to shift work processes to a hybrid or fully remote environment.

In the rush to support remote work, many organizations learned an important lesson: Cybersecurity is essential for remote work to function. For example, many conference call participants experienced unexpected challenges such as "Zoombombing," where uninvited attendees sought to disrupt meetings using a range of simple, yet effective, tactics.

dark gray cat sits by a windowsill, a desktop has a couple of computers for remote work

Efforts to switch traditional classroom teaching to remote learning also suffered from an unprecedented increase in ransomware, with attacks taking place around the country affecting millions of students. And while estimates vary regarding the number of attacks against the public sector and local government, ransomware attacks against Atlanta, Baltimore, and Pensacola showcase that the threat is significant and sustained.

Zoombombing and an increase in ransomware are far from the only risks that came to the forefront during the pandemic. Many IT security teams around the globe saw exponential growth in phishing, web browser infections, and the use of personal devices with the potential to expose corporate networks.

In addition, some employees started using their work devices to download content from the internet, play games, and access streaming services.

Using CARES Act Funds to Support Remote Work

As the line between business and personal devices continues to blur and the volume of attacks increases, remote work can become severely disrupted without cybersecurity adequately addressing these risks.

To help organizations bridge the gap between the security they have in place and what they need to support remote work, the U.S. federal government passed the Coronavirus Aid, Relief, and Economic Security (CARES) Act in January 2021. The CARES Act sets aside money for states, tribal governments, and certain local governments "to improve telework capabilities for public employees to enable compliance with COVID–19 public health precautions."

So far, much of the money has not been spent or allocated.

The money spent to date, however, was often used by states, local governments, and educational institutions on cybersecurity to support remote work. For example, North Carolina assigned $4.5 million to establish a shared cybersecurity infrastructure for its school system, as well as cybersecurity monitoring and support.

In Bozeman, Montana, the local government also invested a portion of the federal funds into cybersecurity. And in Oklahoma, the state's Office of Management & Enterprise Services invested CARES relief funding in a high-availability data center.

Ask your granting body about their plans to enable remote work and share with them how cybersecurity can help them do so safely. Now might be the opportune time to investigate whether your organization qualifies for funds created under the CARES Act to support teleworking for public sector employees.

How Arctic Wolf Can Help

Arctic Wolf is proud of how our security operations solutions protect government and educational IT systems from cyber attacks, as well as how we support remote work capabilities. From account takeover compromises to ransomware, our comprehensive solutions help organizations spot and rectify vulnerabilities, defend the cloud, and detect and respond to advanced threats.

Our security operations experts help organizations establish a holistic view of their environment, including at the network, endpoint, and agent level. By leveraging our tech stack, governments can improve the effectiveness of their existing cybersecurity efforts and optimize the additional investments they may make.

To learn more about our experience supporting the public sector, schedule time with an Arctic Wolf security expert for a demo.

You can also read about our security operations for state and local governments.