Cyber Defense

Voting machines must be test hacked for certification, under proposed bill

The new law would require cybersecurity penetration testing as part of voting systems’ approval process.

Local leaders feel cloud migration pressure, survey says

With applications now offered as cloud-only services, many local government IT executives said they felt they had little choice but to move to the cloud.

How local governments can protect themselves against third-party threats

COMMENTARY | Adaptive, multilayered solutions will help agencies fend off opportunistic supply-chain attacks.

Combating threats to employees in digital spaces

COMMENTARY | User activity monitoring and behavior analytics can beef up cybersecurity training and help protect the agency from internal and external risk.

Global appeal of NIST cyber framework leads to multiple translations, possible updates

The National Institute of Standards and Technology aims to ensure its forthcoming update to the cybersecurity guidance remains a flexible playbook domestic and international entities can adopt.

Generative AI helps spot malicious open-source code

Developers can ask DroidGPT natural language questions about the code they’re researching and get instant ratings on its security from Endor Labs’ proprietary database.

Cyberattack accelerates county’s modernization, cloud push

Last year’s ransomware attack showed “cloud averse” employees in New York’s Suffolk County the benefits of moving away from legacy technology.

US teams up with partner nations to release smart city cyber guidance

A joint effort between the U.S., U.K., Australia, Canada and New Zealand yielded recommendations to prevent cyber attacks on increasingly digital infrastructure.

Risk management through resilient technology

Resilient technology creates a more stable IT environment that saves money, increases cybersecurity and requires fewer resources to support it, a new report says.

What are passkeys? A cybersecurity researcher explains how you can use your phone to make passwords a thing of the past

Passwords can be hard to remember and easy to compromise, making passkeys an attractive option for digital authentication.

Turning the heat up on election security

With the 2024 presidential election rapidly approaching, Arizona’s secretary of state pushes to protect election systems from outside threats.

Passwordless authentication could cure user verification ills

As compromised and weak passwords continue to create major, ongoing vulnerabilities, organizations are looking at FIDO-based login options.

How one state looks to shared cyber services to defend rural areas

Colorado plans to leverage federal grant dollars to help its smaller communities protect themselves and expand a shared security operations center to track threats.

How to talk to users about cybersecurity

User-friendly login tools and clear communication go a long way toward getting staff in step with cybersecurity protocols.

Turning hackers’ behavior against them

By identifying psychological biases of hackers, a new program aims to develop proactive network defenses that go beyond tech-based solutions and rely on analysis of attackers’ behavior to thwart them.

State mandates K-12 cyber education

North Dakota is the first state in the nation to require cybersecurity education be integrated into K-12 classrooms.

CISA gives ransomware victims a heads-up

The Pre-Ransomware Notification Initiative takes advantage of the time between initial penetration and data theft or encryption to notify victims so they can identify and eliminate hackers from their system.