Main Content


$1.33 Billion
Cyberattack victims in the United States lost a collective $1.33 billion to cyber actors in 2016

Malicious cyber actors threaten critical infrastructure, essential services, and sensitive information

300% Increase
Cyberattacks have increased 300% during the first quarter of 2016 compared to all of 2015

Least Proficient
States consistently rate cybersecurity as their least proficient core capability in their State Preparedness Reports (SPRs)1
Highest Risk
Cybersecurity has the lowest 2016 capability rating for State Preparedness according to State Preparedness Reports (SPRs)

Areas of Improvement
The National Preparedness Report has highlighted cybersecurity as a national area for improvement for the past six years1

Be Proactive

The threat of cyberattacks is real and expanding. Cyberattacks are becoming more common, more dangerous, and more sophisticated. At the national level, organized cybercrime, state-sponsored hackers, and cyber-espionage can pose national security risks to our country. Adversaries target our nation’s critical infrastructure, including both private and public sector networks. Transportation, power, and other services are just a few of their potential targets.

The best protection against cyberattacks is prevention. While no one may ever be completely safe from a cyberattack, there are several actions you can take to protect yourself.

Taking preventative measures will help you avoid significant losses from cyberattacks. Implementing preventative measures, on average, saves several million dollars per cyberattack when compared to reactionary measures.

  • In 2017, over 200,000 individuals and more than 300,000 computers fell victim to a ransomware attack by a WannaCry cryptoworm
  • It is estimated that response efforts to WannaCry cost public and private organizations between $2 billion and $4 billion5
  • Victims paid more than $209M in cyberattack ransom during the first quarter of 2016

According to the National Preparedness Report, Cybersecurity is the lowest rated core capability and the capability in greatest danger of decline.

Best Practices, Guidance and Resources

The following section includes guidance and resources to help your organization address cybersecurity threats and implement a cybersecurity architecture to improve your cybersecurity posture by leveraging the National Institute of Standards and Technology (NIST) Cybersecurity Framework.

Cybersecurity Gap Analysis

FEMA, in partnership with the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) and the National Protection and Programs Directorate (NPPD), is offering a limited number of anonymous Cybersecurity Gap Analyses. Cybersecurity Gap Analyses will help FEMA stakeholders (State, Local, Tribal and Territorial partners) inventory their current cybersecurity capabilities and identify existing gaps. This will allow their Chief Information Officer and Chief Information Security Officer to prioritize those gaps and significantly improve their cybersecurity postures. To request a gap analysis, please email

FEMA National Cyber Resilient Architecture

FEMA is developing the National Cyber Resilient Architecture to provide organizations with centralized cybersecurity best practices and guidance on their cybersecurity capabilities. This robust, innovative, and holistic cybersecurity architecture will help mitigate modern threats by leveraging best practices and implementable solutions while improving workforce efficiency.

The cybersecurity architecture includes 14 core technical capabilities including: Network segmentation, network security, asset management, identity management, privilege access, patching and vulnerability management, continuous monitoring, endpoint protection, public key infrastructure / key management, log management, phishing protections, configuration management, data loss prevention, and data security.

Additionally, we will provide additional guidance on over 22 additional technical capabilities.

The architecture will incorporate best practices from the private sector (e.g. Network Segmentation, Software Defined Perimeter, and Application Segmentation) and adapt to various sizes and missions. It is designed to address Cloud, Mobile, and Legacy threats.

The architecture is mapped directly to the NIST Cybersecurity Framework and NIST 800-53 controls.

For a list of cybersecurity best-practices and investment recommendations see Exhibit B: Cybersecurity Industry-Accepted Practices and Investment Recommendations.

FEMA Training

FEMA is developing a new multi-tier training to help organizations better understand the importance of cybersecurity. Those will be publicly released on FEMA’s YouTube Channel.

Additional Cybersecurity Resources

FEMA recommends that recipients and subrecipients review the following resources in order to understand the tools and capabilities available to support cybersecurity preparedness:

  • The National Institute of Standards and Technology (NIST) Cybersecurity Framework: NIST’s Cybersecurity Framework consists of standards, guidelines, and best practices to help support cybersecurity activities. For more information, visit NIST’s website at
  • DHS Office of Cybersecurity and Communications (CS&C): DHS CS&C provides several resources to help state and local governments ensure that they have the knowledge, training, and materials to plan for and prevent against cyberattacks. For more information, please visit


For more information on the National Cyber Resilience Architecture and how it applies to your community, please email

Last Updated: 
07/05/2019 - 17:02