Florida passed a bill requiring local governments to adopt new cybersecurity standards. These standards are designed to protect data, information technology and information technology resources for the purpose of confidentiality and availability. By January 1, 202, cities with a population less than 25,000 must be compliant. The standards local governments must follow are consistent with the best practices of the National Institute of Standards and Technology (NIST). 

Nick Brigmon, security operations and support manager at Blumira, comments, “As Florida municipalities approach the January 1, 2025 deadline for implementing the NIST Cybersecurity Framework (CSF), it’s crucial to prioritize a phased, actionable approach that addresses both immediate vulnerabilities and long-term resilience. Many municipalities face unique challenges with limited resources and legacy systems, but the NIST standards offer a flexible, scalable way to improve security posture incrementally.

“The first step is conducting a risk assessment to understand potential threats and vulnerabilities within the current infrastructure. Begin by identifying and focusing on the core NIST functions that matter most right now — like ‘Identify,’ ‘Protect’ and ‘Detect’ — to match your current operations and budget. 

“For example, you might start with a simple step: map out your critical systems and data to establish a baseline. Identify all the critical assets within an organization, understanding how they interact, and document their normal operations to create a point of reference. This one move can go a long way in reducing disruptions and keeping your most important assets safe from everyday threats.

“Another effective strategy is to partner with regional IT councils, private sector experts, and other municipalities to exchange insights, best practices, and resources. Training city staff on basic cybersecurity awareness can make a huge difference in preventing breaches, as most attacks exploit human error. You could also join LinkedIn groups such as the Information Security Community, which has over 600,000 members, and connect with security professionals focused on practical steps for system and network protection.

“For successful ongoing management, consider automating routine monitoring and response through affordable security tools. These tools can help municipalities maintain visibility without overextending their IT teams. Focusing on continuous improvement ensures that each new phase of compliance builds on previous progress, preparing Florida’s municipalities to meet the NIST standards confidently and sustainably.”