Security expert discusses Florida’s new cybersecurity standard bill

Scott Graham via Unsplash

Florida passed a bill requiring local governments to adopt new cybersecurity standards. These standards are designed to protect data, information technology and information technology resources for the purpose of confidentiality and availability. By January 1, 202, cities with a population less than 25,000 must be compliant. The standards local governments must follow are consistent with the best practices of the National Institute of Standards and Technology (NIST).

Nick Brigmon, security operations and support manager at Blumira, comments, “As Florida municipalities approach the January 1, 2025 deadline for implementing the NIST Cybersecurity Framework (CSF), it’s crucial to prioritize a phased, actionable approach that addresses both immediate vulnerabilities and long-term resilience. Many municipalities face unique challenges with limited resources and legacy systems, but the NIST standards offer a flexible, scalable way to improve security posture incrementally.

“The first step is conducting a risk assessment to understand potential threats and vulnerabilities within the current infrastructure. Begin by identifying and focusing on the core NIST functions that matter most right now — like ‘Identify,’ ‘Protect’ and ‘Detect’ — to match your current operations and budget.

“For example, you might start with a simple step: map out your critical systems and data to establish a baseline. Identify all the critical assets within an organization, understanding how they interact, and document their normal operations to create a point of reference. This one move can go a long way in reducing disruptions and keeping your most important assets safe from everyday threats.

“Another effective strategy is to partner with regional IT councils, private sector experts, and other municipalities to exchange insights, best practices, and resources. Training city staff on basic cybersecurity awareness can make a huge difference in preventing breaches, as most attacks exploit human error. You could also join LinkedIn groups such as the Information Security Community, which has over 600,000 members, and connect with security professionals focused on practical steps for system and network protection.

“For successful ongoing management, consider automating routine monitoring and response through affordable security tools. These tools can help municipalities maintain visibility without overextending their IT teams. Focusing on continuous improvement ensures that each new phase of compliance builds on previous progress, preparing Florida’s municipalities to meet the NIST standards confidently and sustainably.”

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Jordyn Alger is the managing editor for Security magazine. Alger writes for topics such as physical security and cyber security and publishes online news stories about leaders in the security industry. She is also responsible for multimedia content and social media posts. Alger graduated in 2021 with a BA in English – Specialization in Writing from the University of Michigan. Image courtesy of Alger

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.