MNIT provides Managed Detection and Response (MDR), as well as other grant-subsidized cybersecurity tools and services, to eligible local government entities through the Whole-of-State Cybersecurity Plan. MNIT’s goal is to place little to no burden on entities that may not have the staff or other resources to invest in advanced security tools. MNIT’s Cyber Navigator team supports the entire process and meets participants at the level of support needed.
View a PDF Summary of MDRManaged detection and response (MDR) is a fully managed, anti-virus tool. MNIT's MDR Program provides low-cost, high-value solutions that otherwise might not be available to local government agencies. Sensors are installed on workstations, laptops, and servers, to monitor for security risks and malicious activity 24 hours a day, 7 days a week, 365 days a year. This is a completely managed solution, meaning the vendor and MNIT take the burden from organizations to detect and respond to cybersecurity threats.
MDR protects your devices (workstations, servers) through active monitoring and response to mitigate threats prior to an active exploitation, compromise, or exfiltration of data. It can protect against the primary attack vectors, including malicious links and attachments, use of credential compromises, and the exploitation of vulnerabilities in your network.
MNIT works with a MDR vendor to provide a cloud-based solution without restrictions of operating systems or hardware. A single, lightweight sensor is deployed on systems with no reboots, and a unified console displays your security information. Among its many features, this product includes 24/7/365 monitoring by the vendor’s overwatch team, which consists of analysts actively hunting for threats outside of traditional methods to detect advanced adversaries.
MDR looks for the types of attacks that could lead to data breaches, ransomware, or other major events and blocks those attacks. This MDR product is provided at a substantial price reduction and makes security as hands-off as each participating entity desires.
Minnesota's local government entities are eligible to participate in the Whole-of-State Plan and access MDR if they are: any Minnesota municipality, city, town, township, local public authority, critical infrastructure, school district, special district, intrastate district, county, Tribal Nation, port city, council of governments, regional or interstate government entity, or agency or instrumentality of a local government.
Participants are required to sign a MNIT-provided work order, provide basic contact information and security goals, and deploy the sensors in their environments. The MNIT Cyber Navigator team is available to assist with each of these steps, including providing step-by-step instructions and meeting with participants to guide the process. Once entities are actively using MNIT’s MDR Program, there are few actions needed unless participants choose to be more involved in mitigation or wish to understand and track threats, mitigations, or other actions.
The vendor’s security operations center (SOC), MNIT SOC, and MNIT Cyber Navigator team support participating entities through each phase of deployment and continued use. These teams are available to assist with any questions, schedule demonstrations, and expedite any issues you may encounter. The entire process can take as little as two weeks. However, entities are encouraged to start exploring this solution as early as possible to help answer questions that may arise. In some cases, the deployment process may be expedited to facilitate unique situations.
The vendor’s SOC and overwatch team are actively monitoring 24/7/365. Users can submit support tickets directly from their console at any time. The MNIT SOC and Cyber Navigator team are available during extended business hours to lend support and can be alerted after hours as needed. Entities will determine who at their respective organization is notified and what type of actions trigger a notification.
MNIT utilizes the MDR vendor across a range of environments which enables large-scale and considerably reduced bulk purchasing prices. The cost is then further reduced for local government partners through multiple cybersecurity grants.
The current price model is as follows per device annually:
The current full cost ($46) reflects the bulk purchasing price. These annual per-device prices reflect current license cost and availability of grant funds. MNIT seeks to further implement cost-savings for smaller entities and additional longer-term subsidies are actively being explored.
All eligible entities are encouraged to apply for MDR by following these next steps:
After you complete steps 1 and 2, a Cyber Navigator will contact you to schedule a meeting. In that meeting, they will provide an overview, review roles and responsibilities, answer questions, and share the required program documentation for your organization to sign. After documents are signed, MNIT will schedule a kick-off meeting and provide an entity-specific deployment timeline.
If you have questions, please reach out to our Cyber Navigator team at CN.MNIT@state.mn.us.