Cybersecurity

Remember user experience in the zero trust journey

Education, user-friendly technologies and leadership buy in can help bring employees onboard.

  • By Chris Teale

ChatGPT could make phishing more sophisticated

The latest version’s greater “steerability” allows users to vary the style and tone of generated text to make scams even harder to detect.

  • By Chris Teale

NSA offers new tips on zero trust and identity

New zero trust guidance for government agencies highlights best practices for maturing identity and access controls.

  • By Natalie Alms

CISA launches pilot to spot ransomware vulnerabilities

By uncovering vulnerabilities associated with known exploits, CISA can warn critical infrastructure organizations so they can mitigate issues before a ransomware incident occurs.

  • By Susan Miller

Password mismanagement still at the heart of security issues

While many government employees reuse credentials that have been compromised and put online, one expert warned MFA is not the “silver bullet” solution.

  • By Chris Teale

Report: Increased remote work for many governments also raises cyber risks

Roughly one-third of government employees believe “their actions don’t matter when it comes to security,” according to a new survey.

  • By Edward Graham

New bills look to help small water systems tap cybersecurity assistance

New legislation looks to set aside $10 million to help subsidize fees for small utilities to join the Water Information Sharing and Analysis Center.

  • By Carten Cordell

Acting national cyber director offers new details on upcoming cyber workforce strategy

The forthcoming plan is meant to accompany an overarching cyber strategy released last week that industry groups and cybersecurity experts said would be challenging to implement given the nation’s cyber workforce woes. 

  • By Chris Riotta

NIST renews cyber center partnership, launches small business focus

The agency renewed its partnerships that support the National Cybersecurity Center of Excellence and launched the NIST Small Business Cybersecurity Community of Interest.

  • By Kirsten Errick

Lawmaker: Schools need federal advocate to negotiate cyber contracts

Sen. Ron Wyden penned a letter to Education Secretary Miguel Cardona, asking the agency to assist U.S. schools in drafting cybersecurity and data protection contracts with technology firms.

  • By Alexandra Kelley

How data breaches lead to fraud risk

By understanding the type and severity of data breaches, agencies can see where they should focus their efforts to curb identity fraud and prevent further victimization.

  • By Stephanie Kanowitz

National cyber strategy ‘promising’ for state, local governments

While some groups applauded the Biden administration’s pledge to prioritize cybersecurity and help small governments fight attacks, others said more technical assistance and federal funding is needed.

  • By Chris Teale

EPA releases water systems cyber requirement in tandem with national strategy

The Environmental Protection Agency unveiled new cybersecurity guidelines to help states evaluate their water sanitation systems’ defenses.

  • By Alexandra Kelley

Ransomware payments decreased in 2022 as criminals used other extortion tactics

A report from Recorded Future found that, even as ransomware continues to pose a global challenge for individuals and organizations, threat actors are increasingly using other methods to steal sensitive data and demand payments from victims.

  • By Edward Graham
Featured eBooks

Drone cybersecurity assessment program launches

The certification of commercial drones will help governments ensure the devices meet supply chain cybersecurity requirements.

  • By Chris Teale

Work with what you’ve got: Accelerating zero trust deployments

COMMENTARY | Because zero trust is founded on cybersecurity tenets like segmentation and identity management, state and local governments can adopt the strategy quickly and effectively.

  • By Jim Richberg

Unpatched, known vulnerabilities still key driver of cyberattacks

Separate research reports find that vulnerabilities for which patches have already been issued remain hackers’ primary way into an organization.

  • By Chris Teale

Cyber criminals are increasingly exploiting cloud environments, report finds

A new CrowdStrike report found that hackers and digital adversaries are relying less on malware, and more on unpatched vulnerabilities and data weaponization.

  • By Edward Graham

White House to officially ban TikTok from government devices within 30 days

The guidance follows legislation Congress passed late last year that officially required federal agencies to ban TikTok after dozens of states moved to restrict the app on government devices.

  • By Chris Riotta

Texas Public Safety agency sent at least 3,000 driver’s licenses to organized crime group targeting Asian Texans

A Chinese crime operation bypassed the password clues of Texas.gov by using stolen identity information to fraudulently obtain replacement driver’s licenses.

  • By Karen Brooks Harper, The Texas Tribune

Building scalable, cost-effective application security

COMMENTARY | Automated scanning and remediation platforms can identify, fix and prevent security gaps and vulnerabilities at the software application and development levels.

  • By Mark Townsend