NIST CSF 2.0 · CISA CPGs · HPH CPGs

Cyber Resilience
for Essential Services

Vendor-neutral guidance, open playbooks, and practical drills for U.S. municipal, utility, and healthcare organizations — built to protect the services communities depend on.

Browse Open Resources About This Project

Aligned with federal frameworks

NIST CSF 2.0 CISA Cross-Sector CPGs HHS HPH CPGs FY2025 SLCGP CISA KEV

The Challenge

Essential services are under-defended

Municipalities, utilities, and healthcare providers operate complex IT/OT environments with limited security budgets, legacy systems, and shrinking staff — making them prime targets.

Most commercial solutions are vendor-driven and too costly. What these organizations need is practical, evidence-based guidance they can act on — not product pitches.

73%

of U.S. municipalities lack dedicated cybersecurity staff

$10M+

average cost of a healthcare ransomware incident

CISA

designates SLTT and healthcare as critical infrastructure

Open

All our playbooks, checklists, and drill kits are free

Open License

Free Resources — No Strings

All playbooks, checklists, and drill kits are openly licensed. Use them, adapt them, share them.

PLAYBOOK Coming soon

Municipal Cyber Resilience Playbook

Step-by-step guide aligned with CSF 2.0 and CISA CPGs. Includes municipal, utility, and healthcare add-ons.

CHECKLIST Coming soon

Essential Hygiene Checklist

MFA, asset inventory, KEV patching, backup validation — one-pager for quick assessment.

DRILL KIT Coming soon

Tabletop Exercise Kit

Scenario templates, facilitator guides, and after-action report formats. Repeatable across jurisdictions.

Notify me when published

About

Wartime experience.
U.S. public-interest mission.

Citadel Cyber Solutions was founded by a cybersecurity leader who built and defended critical infrastructure for a city of 3 million — during a full-scale war.

Before relocating to the United States, our founder directed municipal cybersecurity operations in Kyiv — establishing a monitoring center that protected over 1,000 city facilities and repelled cyberattacks targeting thousands of surveillance systems during the 2022 Russian invasion.

That work was done in coordination with Fortinet, Cisco, HPE, and Motorola — under live threat conditions, with zero margin for error. We bring that framework to U.S. municipalities, hospitals, and utilities. Not theory. Proven under fire.

Vendor-Neutral Open License Public-Interest Evidence-Based

1,000+

city facilities protected during active wartime operations

residents served by infrastructure defended under live attack

CSF 2.0

All frameworks and resources aligned with NIST CSF 2.0

Open

All playbooks and artifacts freely licensed for any jurisdiction

Contact

Get in Touch

Questions about the resources, frameworks, or this project — reach out.

Cyber Resiliencefor Essential Services