Cybersecurity

Synthetic fraud is on the rise. Here’s how governments can combat it

Fraud will continue at scale as criminals become better networked, using the dark web to share tips including how to fool selfie verification tools.

Cross-agency group explores next steps for identity verification

The group's new report and simulation tool will help officials identify trade-off considerations for different identity solutions and frameworks.

Locking down identity and access management post-SolarWinds

The epic intrusion campaign has turned up the brights on vendors providing authentication services, but agencies will still need to be actively engaged for effective implementation.

Lawmakers debate ROI on cyber insurance

The jury is still out on how using insurance policies to pay ransoms and re-establish systems after a cyberattack affects critical infrastructure organizations’ individual and collective resilience.

Allied cybersecurity agencies advise against disabling popular tool for cyberattackers

The Microsoft program – PowerShell – has granted malicious actors in major hacks remote command and control ability over victims, but, by the same token, it can improve cybersecurity management across an enterprise.

How volunteers help states shore up cybersecurity

Programs in Michigan, Wisconsin and Ohio bring in volunteer experts to conduct assessments and incident response for government systems.

Biden strengthens cyber coordination between DHS and state, local government

The State and Local Government Cybersecurity Act improves collaboration between DHS and state and local governments by boosting the sharing of information and federal resources.

How to reframe the cybersecurity conversation for elected officials

Cybersecurity teams can use an emergency management framework to prepare elected officials to respond to and communicate about a cyber incident.

Watchdog finds cyber risks in TVA control systems

The Tennessee Valley Authority, a federal utility operating in seven southeastern states, lacked proper IT controls and cybersecurity oversight of systems assisting with flood and river management, according to a recent inspector general report.

Brush up on phishing detection to prevent ransomware

With ransomware commonly entering state and local IT networks through phishing emails, employees must learn to spot social engineering scams, a new report says.

Cyber competition builds skills, teamwork

Participating in the International Cyber League helps the IT team at the Illinois State Treasurer’s office test their skills against real-world network threats.

Authentication considerations for state and local governments

Multifactor authentication adds a layer of security to accessing accounts but agencies should know the differences between methods.

Software bill of materials is about more than compliance, expert says

As organizations look to hammer out the standards for SBOMs, they’re also looking at how to automate the vulnerability checking process.

EPA seeks funding to improve the cybersecurity of America’s water systems

The Environmental Protection Agency aims to invest $4 billion in upgrades to the nation’s water and wastewater infrastructure with a strong focus on cybersecurity.

How XDR can identify and fill the cracks in state and local government’s cybersecurity posture

By enabling security solutions to do what they’re intended to do—identify threats—extended detection response better equips security personnel to analyze these identified vulnerabilities and respond to inbound threats.

Postal Service should 'act swiftly' to scale up identity services, IG says

USPS is working with the General Services Administration on more in-person options for Login.gov, according to a new whitepaper from the U.S. Postal Service's Inspector General.