Cybersecurity

Senators request cyber safety analysis of Chinese-owned DJI drones

Lawmakers raised concerns that sensitive data could leak to adversaries through foreign-owned consumer technology. 

  • By Alexandra Kelley

Florida city water cyber incident allegedly caused by employee error

Al Braithwaite, the former city manager of Oldsmar, Florida, said the 2021 episode was not caused by outside hackers but was instead a “non-event” sparked by user error.

  • By Chris Teale

What is the National Cybersecurity Strategy? A cybersecurity expert explains what it is and what the Biden administration has changed

The National Cybersecurity Strategy outlines a need for improved cyber hygiene through cyber insurance, data sharing and fostering technology research.

  • By Richard Forno, The Conversation

CISA: Election security still under threat at cyber and physical level

Threats enacted by state-sponsored actors during the 2022 election have highlighted the need for “continued vigilance” in upcoming elections, said CISA Election Security Advisor Kim Wyman.

  • By Alexandra Kelley

State cyber workforce challenges reaching ‘crisis levels’

By marketing themselves better and adapting to remote work, states can attract and retain more cybersecurity workers, a new report suggests.

  • By Chris Teale

Remember user experience in the zero trust journey

Education, user-friendly technologies and leadership buy in can help bring employees onboard.

  • By Chris Teale

ChatGPT could make phishing more sophisticated

The latest version’s greater “steerability” allows users to vary the style and tone of generated text to make scams even harder to detect.

  • By Chris Teale

NSA offers new tips on zero trust and identity

New zero trust guidance for government agencies highlights best practices for maturing identity and access controls.

  • By Natalie Alms

CISA launches pilot to spot ransomware vulnerabilities

By uncovering vulnerabilities associated with known exploits, CISA can warn critical infrastructure organizations so they can mitigate issues before a ransomware incident occurs.

  • By Susan Miller

Password mismanagement still at the heart of security issues

While many government employees reuse credentials that have been compromised and put online, one expert warned MFA is not the “silver bullet” solution.

  • By Chris Teale

Report: Increased remote work for many governments also raises cyber risks

Roughly one-third of government employees believe “their actions don’t matter when it comes to security,” according to a new survey.

  • By Edward Graham

New bills look to help small water systems tap cybersecurity assistance

New legislation looks to set aside $10 million to help subsidize fees for small utilities to join the Water Information Sharing and Analysis Center.

  • By Carten Cordell

Acting national cyber director offers new details on upcoming cyber workforce strategy

The forthcoming plan is meant to accompany an overarching cyber strategy released last week that industry groups and cybersecurity experts said would be challenging to implement given the nation’s cyber workforce woes. 

  • By Chris Riotta

NIST renews cyber center partnership, launches small business focus

The agency renewed its partnerships that support the National Cybersecurity Center of Excellence and launched the NIST Small Business Cybersecurity Community of Interest.

  • By Kirsten Errick
Featured eBooks

Lawmaker: Schools need federal advocate to negotiate cyber contracts

Sen. Ron Wyden penned a letter to Education Secretary Miguel Cardona, asking the agency to assist U.S. schools in drafting cybersecurity and data protection contracts with technology firms.

  • By Alexandra Kelley

How data breaches lead to fraud risk

By understanding the type and severity of data breaches, agencies can see where they should focus their efforts to curb identity fraud and prevent further victimization.

  • By Stephanie Kanowitz

National cyber strategy ‘promising’ for state, local governments

While some groups applauded the Biden administration’s pledge to prioritize cybersecurity and help small governments fight attacks, others said more technical assistance and federal funding is needed.

  • By Chris Teale

EPA releases water systems cyber requirement in tandem with national strategy

The Environmental Protection Agency unveiled new cybersecurity guidelines to help states evaluate their water sanitation systems’ defenses.

  • By Alexandra Kelley

Ransomware payments decreased in 2022 as criminals used other extortion tactics

A report from Recorded Future found that, even as ransomware continues to pose a global challenge for individuals and organizations, threat actors are increasingly using other methods to steal sensitive data and demand payments from victims.

  • By Edward Graham

Drone cybersecurity assessment program launches

The certification of commercial drones will help governments ensure the devices meet supply chain cybersecurity requirements.

  • By Chris Teale

Work with what you’ve got: Accelerating zero trust deployments

COMMENTARY | Because zero trust is founded on cybersecurity tenets like segmentation and identity management, state and local governments can adopt the strategy quickly and effectively.

  • By Jim Richberg