Cybersecurity

Federal grants could boost whole-of-state cyber defense

The $1 billion State and Local Government Cybersecurity Grant Program requires states to collaborate more closely with their local governments, reinforcing the holistic approach favored in many state capitals.

Should governments ban TikTok? Can they?

A cybersecurity expert explains the risks the app poses and the challenges to blocking it.

Ransomware vulnerability warning pilot yielding valuable lessons, CISA official says

The program aims to improve information sharing on cyber vulnerabilities across all levels of government, focusing on resource-poor organizations such as state, local, tribal and territorial agencies.

State auditor seeks cyber readiness evaluation for agencies with DOD contracts

The Colorado Office of the State Auditor wants to be sure that agencies that receive funding from the Defense Department can meet DOD’s Cybersecurity Maturity Model Certification requirements.

Enforcement questions dog state’s proposed TikTok ban

One expert derided legislation like Montana’s statewide ban on TikTok as “breathtakingly obtuse” and unenforceable from a technological point of view.

Voting machines must be test hacked for certification, under proposed bill

The new law would require cybersecurity penetration testing as part of voting systems’ approval process.

Lessons from ‘Star Trek: Picard’ – a cybersecurity expert explains how a sci-fi series illuminates today’s threats

Centrally administered systems offer cost savings and advanced capabilities, but could expose Earth-bound organizations to potential risks and vulnerabilities when used without proper precautions.

Why take the whole-of-state approach to ransomware protection and remediation

COMMENTARY | Using the best cybersecurity policies and data protection technology in a statewide framework allows local agencies to say no to any ransom demands, confident that their data is securely backed up and easily accessible.

How government can build secure and frictionless digital identity programs

States that lost millions to fraud during the pandemic have plenty of ways to tighten their ID management programs, a new playbook suggests.

State-sponsored actors leading cause of cyber concern in public sector

A new SolarWinds report details how foreign hackers have become the largest concern among government entities, and how zero-trust strategies have become the most popular defense.

CISA, FBI need data from cybercrime victims to support policy

The federal agencies tasked with tracking and preventing cybercrime rely on collaboration and data sharing to protect U.S. digital networks.

How local governments can protect themselves against third-party threats

COMMENTARY | Adaptive, multilayered solutions will help agencies fend off opportunistic supply-chain attacks.

Combating threats to employees in digital spaces

COMMENTARY | User activity monitoring and behavior analytics can beef up cybersecurity training and help protect the agency from internal and external risk.

Global appeal of NIST cyber framework leads to multiple translations, possible updates

The National Institute of Standards and Technology aims to ensure its forthcoming update to the cybersecurity guidance remains a flexible playbook domestic and international entities can adopt.

EVs rev up cybersecurity challenges

Without a meaningful way to secure and insure the electric-vehicle infrastructure, EV owners, charging stations and fleet managers are vulnerable to hackers.

Zero-trust citizen access: Secure services for residents and agencies

COMMENTARY | A zero-trust citizen portal gives residents seamless access to public services while protecting increasingly vulnerable government networks from attack.

Generative AI helps spot malicious open-source code

Developers can ask DroidGPT natural language questions about the code they’re researching and get instant ratings on its security from Endor Labs’ proprietary database.