Cybersecurity

Why you should consider outcome-based security

Agencies can better align their cybersecurity and business priorities when they have affordable risk management solutions that deliver measurable results.

  • By Stephanie Kanowitz

Cyber agencies unveil updated ransomware guide

The 2023 version offers more detailed, step-by-step guidance and associated recommendations to fortify public and private networks against sophisticated ransomware.

  • By Alexandra Kelley

Lawmakers advocate more funds for state fusion centers

Better information sharing across regions and state lines could help counter growing cyberthreats and help law enforcement collaborate, House members said.

  • By Chris Teale

A TikTok ban isn’t a data security solution. It will be difficult to enforce – and could end up hurting users

Montana recently banned downloading the popular social media app TikTok within state lines, but some question if the law could be enforced and if it actually protects user's data.

  • By Milovan Savic, The Conversation

Federal grants could boost whole-of-state cyber defense

The $1 billion State and Local Government Cybersecurity Grant Program requires states to collaborate more closely with their local governments, reinforcing the holistic approach favored in many state capitals.

  • By Chris Teale

Should governments ban TikTok? Can they?

A cybersecurity expert explains the risks the app poses and the challenges to blocking it.

  • By Doug Jacobson, The Conversation

Ransomware vulnerability warning pilot yielding valuable lessons, CISA official says

The program aims to improve information sharing on cyber vulnerabilities across all levels of government, focusing on resource-poor organizations such as state, local, tribal and territorial agencies.

  • By Chris Riotta

State auditor seeks cyber readiness evaluation for agencies with DOD contracts

The Colorado Office of the State Auditor wants to be sure that agencies that receive funding from the Defense Department can meet DOD’s Cybersecurity Maturity Model Certification requirements.

  • By Susan Miller

Enforcement questions dog state’s proposed TikTok ban

One expert derided legislation like Montana’s statewide ban on TikTok as “breathtakingly obtuse” and unenforceable from a technological point of view.

  • By Chris Teale

Voting machines must be test hacked for certification, under proposed bill

The new law would require cybersecurity penetration testing as part of voting systems’ approval process.

  • By Kirsten Errick

Lessons from ‘Star Trek: Picard’ – a cybersecurity expert explains how a sci-fi series illuminates today’s threats

Centrally administered systems offer cost savings and advanced capabilities, but could expose Earth-bound organizations to potential risks and vulnerabilities when used without proper precautions.

  • By Richard Forno, The Conversation

Why take the whole-of-state approach to ransomware protection and remediation

COMMENTARY | Using the best cybersecurity policies and data protection technology in a statewide framework allows local agencies to say no to any ransom demands, confident that their data is securely backed up and easily accessible.

  • By Ron Nixon

How government can build secure and frictionless digital identity programs

States that lost millions to fraud during the pandemic have plenty of ways to tighten their ID management programs, a new playbook suggests.

  • By Chris Teale

State-sponsored actors leading cause of cyber concern in public sector

A new SolarWinds report details how foreign hackers have become the largest concern among government entities, and how zero-trust strategies have become the most popular defense.

  • By Alexandra Kelley
Featured eBooks

CISA, FBI need data from cybercrime victims to support policy

The federal agencies tasked with tracking and preventing cybercrime rely on collaboration and data sharing to protect U.S. digital networks.

  • By Alexandra Kelley

How local governments can protect themselves against third-party threats

COMMENTARY | Adaptive, multilayered solutions will help agencies fend off opportunistic supply-chain attacks.

  • By Andi Welch

Combating threats to employees in digital spaces

COMMENTARY | User activity monitoring and behavior analytics can beef up cybersecurity training and help protect the agency from internal and external risk.

  • By Michael Crouse

Global appeal of NIST cyber framework leads to multiple translations, possible updates

The National Institute of Standards and Technology aims to ensure its forthcoming update to the cybersecurity guidance remains a flexible playbook domestic and international entities can adopt.

  • By Alexandra Kelley

EVs rev up cybersecurity challenges

Without a meaningful way to secure and insure the electric-vehicle infrastructure, EV owners, charging stations and fleet managers are vulnerable to hackers.

  • By Chris Teale

Zero-trust citizen access: Secure services for residents and agencies

COMMENTARY | A zero-trust citizen portal gives residents seamless access to public services while protecting increasingly vulnerable government networks from attack.

  • By Ian Milligan-Pate

Generative AI helps spot malicious open-source code

Developers can ask DroidGPT natural language questions about the code they’re researching and get instant ratings on its security from Endor Labs’ proprietary database.

  • By Chris Teale