NIST CSF 2.0 · CISA CPGs · HPH CPGs

Cyber Resilience
for Essential Services

Vendor-neutral guidance, open playbooks, and practical drills for U.S. municipal, utility, and healthcare organizations — built to protect the services communities depend on.

Download Free Playbook Schedule a Briefing

Aligned with federal frameworks

NIST CSF 2.0 CISA Cross-Sector CPGs HHS HPH CPGs FY2025 SLCGP CISA KEV

The Challenge

Essential services are under-defended

Municipalities, utilities, and healthcare providers operate complex IT/OT environments with limited security budgets, legacy systems, and shrinking staff — making them prime targets.

Most commercial solutions are vendor-driven and too costly. What these organizations need is practical, evidence-based guidance they can act on — not product pitches.

73%

of U.S. municipalities lack dedicated cybersecurity staff

$10M+

average cost of a healthcare ransomware incident

CISA

designates SLTT and healthcare as critical infrastructure

Open

All our playbooks, checklists, and drill kits are free

What We Do

Practical Resilience, Not Theory

Actionable services aligned with NIST CSF 2.0 functions — built for organizations that need results, not overhead.

Baseline Assessments

Gap analysis against CSF 2.0 and CISA CPGs. MFA coverage, asset inventory, segmentation, KEV patch hygiene — documented and prioritized.

IDENTIFY · PROTECT

Tabletop Drills & Training

Cross-jurisdiction tabletop exercises, open briefings for CIO/CISO/ops/clinical audiences, and practice labs — virtual or in-person.

RESPOND · RECOVER

IT/OT Advisory

Secure remote access, network segmentation, logging and alerting for essential services — guidance that works in mixed IT/OT environments.

DETECT · GOVERN

Open License

Free Resources — No Strings

All playbooks, checklists, and drill kits are openly licensed. Use them, adapt them, share them.

PLAYBOOK Coming soon

Municipal Cyber Resilience Playbook

Step-by-step guide aligned with CSF 2.0 and CISA CPGs. Includes municipal, utility, and healthcare add-ons.

CHECKLIST Coming soon

Essential Hygiene Checklist

MFA, asset inventory, KEV patching, backup validation — one-pager for quick assessment.

DRILL KIT Coming soon

Tabletop Exercise Kit

Scenario templates, facilitator guides, and after-action report formats. Repeatable across jurisdictions.

Notify me when published

About

Wartime experience.
U.S. public-interest mission.

Citadel Cyber Solutions was founded by a cybersecurity professional whose experience includes municipal-scale infrastructure leadership under active conflict conditions.

That operational background informs every framework and drill kit we produce: built for real-world constraints, not ideal conditions.

Vendor-Neutral Open License Public-Interest Evidence-Based

+20–30%

readiness uplift target within 12 months of engagement

≥95%

MFA coverage target for privileged and remote access

CSF 2.0

All deliverables mapped to NIST CSF 2.0 functions

Open

All public artifacts freely licensed for any jurisdiction

Get in Touch

Ready to strengthen your defenses?

Whether you need a baseline assessment, a tabletop drill, or just want to talk through your gaps — reach out. First conversation is always free.

Cyber Resiliencefor Essential Services