Louisiana Cybersecurity Assurance Program (LCAP)
OTS, working with GOHSEP, LANG, and LSP, has designed and formalized the Louisiana Cyber Assurance Program, which will significantly enhance the state’s proactive cybersecurity posture. The program will monitor the assets previously deployed by ESF-17 to assist local government entities with threat mitigation. Building on the success of ESF-17, ESF-2 Cyber will create a digital ecosystem that collects, analyzes, and distributes cyber threat intelligence in an active, 24/7 monitored environment.
Office of Cyber Readiness
The Office of Cyber Readiness (OCR) is hosted by the Louisiana Military Department.
Services rendered by OCR are Cyber Readiness Assessments, which include:
- Vulnerability assessments
- Documenting results
- Recommending improvements/changes
- Consistently verifying and validating improved posture
Participation is purely voluntary. All results are recorded and periodically measured for increased assurance. Simply put, the goal is for OCR to assess vulnerabilities and report findings faster than the attackers.
Cyber Threat Analysis Center
Hosted by GOHSEP, the Cyber Threat Analysis Center (CTAC) conducts advanced active threat monitoring and information sharing. The CTAC helps organizations improve their security posture, operational efficiency, incident identification, and response efforts.
Security Operations Center (SOC)
A SOC is a centralized function or team responsible for improving an organization’s cybersecurity posture and preventing, detecting, and responding to threats. Information from multiple data collection devices is digested through the Cyber Threat Analysis Center. Effectively, the CTAC captures event logs and sends data to SOAR (security orchestration, automation, and response), which automatically pushes responsive commands to defend the networks.
Cyber Threat Intelligence
Cyber Threat Intelligence (CTI) is the process of collecting, analyzing, and applying data on cyber threats, adversaries, and attack methodologies to enhance an organization's security posture. Additionally, the CTAC has established an Information Sharing and Analysis Center (ISAC) to gather relevant information on cyber threats and share it with each relevant industry. This information will be shared through STIX and TAXII feeds, which will facilitate standardized multidirectional sharing of critical data.
Endpoint Detection Deployment
What is Endpoint Detection and Response? - Endpoint Detection and Response (EDR) is a cybersecurity technology that continuously monitors endpoints for evidence of threats and performs automatic actions to help mitigate them. Endpoints are the physical devices connected to a network, such as mobile phones and desktops, that give malicious actors multiple points of entry for an attack. EDR solutions help security analysts detect and remediate threats on endpoints before they can spread throughout your network.
Detection Deployment—We are continuing to deploy endpoint detection and response software across Louisiana to be consistent with the shift to a proactive rather than reactive cybersecurity posture. Although 100% prevention is nearly impossible, early detection and remediation are obtainable, and these efforts are the foundation for getting there.
Incident Response
Hosted by the Governor’s Office of Homeland Security and Emergency Preparedness (GOHSEP), the Cyber & Emerging Threats Incident Response Team (IR) will perform “Cyber Incident Response,” which will include containment, eradication, and assistance in the remediation and recovery of any local or state entity in a cyber emergency. In addition, the team will document results, recommend improvements, verify and validate that the cyber threat is eliminated, and reinforce the agency’s security posture against future threats.
IR is available to voluntarily assist public entities (including local and rural entities) designated by the Governor’s Office of Homeland Security and Emergency Preparedness as Critical Infrastructure and Key Resources (CIKR). IR will utilize state-of-the-art commercial software and hardware to assist in the mitigation and recovery. Upon completion, each Service Recipient will receive a closing document that articulates any mitigation efforts provided (hardware and software), to be discussed with agency heads at the departure of the IR Team.