Cybersecurity

State cyber workforce challenges reaching ‘crisis levels’

By marketing themselves better and adapting to remote work, states can attract and retain more cybersecurity workers, a new report suggests.

Remember user experience in the zero trust journey

Education, user-friendly technologies and leadership buy in can help bring employees onboard.

ChatGPT could make phishing more sophisticated

The latest version’s greater “steerability” allows users to vary the style and tone of generated text to make scams even harder to detect.

NSA offers new tips on zero trust and identity

New zero trust guidance for government agencies highlights best practices for maturing identity and access controls.

CISA launches pilot to spot ransomware vulnerabilities

By uncovering vulnerabilities associated with known exploits, CISA can warn critical infrastructure organizations so they can mitigate issues before a ransomware incident occurs.

Password mismanagement still at the heart of security issues

While many government employees reuse credentials that have been compromised and put online, one expert warned MFA is not the “silver bullet” solution.

Report: Increased remote work for many governments also raises cyber risks

Roughly one-third of government employees believe “their actions don’t matter when it comes to security,” according to a new survey.

New bills look to help small water systems tap cybersecurity assistance

New legislation looks to set aside $10 million to help subsidize fees for small utilities to join the Water Information Sharing and Analysis Center.

Acting national cyber director offers new details on upcoming cyber workforce strategy

The forthcoming plan is meant to accompany an overarching cyber strategy released last week that industry groups and cybersecurity experts said would be challenging to implement given the nation’s cyber workforce woes. 

NIST renews cyber center partnership, launches small business focus

The agency renewed its partnerships that support the National Cybersecurity Center of Excellence and launched the NIST Small Business Cybersecurity Community of Interest.

Lawmaker: Schools need federal advocate to negotiate cyber contracts

Sen. Ron Wyden penned a letter to Education Secretary Miguel Cardona, asking the agency to assist U.S. schools in drafting cybersecurity and data protection contracts with technology firms.

How data breaches lead to fraud risk

By understanding the type and severity of data breaches, agencies can see where they should focus their efforts to curb identity fraud and prevent further victimization.

National cyber strategy ‘promising’ for state, local governments

While some groups applauded the Biden administration’s pledge to prioritize cybersecurity and help small governments fight attacks, others said more technical assistance and federal funding is needed.

EPA releases water systems cyber requirement in tandem with national strategy

The Environmental Protection Agency unveiled new cybersecurity guidelines to help states evaluate their water sanitation systems’ defenses.

Ransomware payments decreased in 2022 as criminals used other extortion tactics

A report from Recorded Future found that, even as ransomware continues to pose a global challenge for individuals and organizations, threat actors are increasingly using other methods to steal sensitive data and demand payments from victims.

Drone cybersecurity assessment program launches

The certification of commercial drones will help governments ensure the devices meet supply chain cybersecurity requirements.

Work with what you’ve got: Accelerating zero trust deployments

COMMENTARY | Because zero trust is founded on cybersecurity tenets like segmentation and identity management, state and local governments can adopt the strategy quickly and effectively.