Phishing defense, one simulated email at a time

With a platform that trains staff not to click on links in seemingly relevant emails, San Francisco cut the click rate on test emails by 50% in the first 18 months.

State looks to better assess vendor security

Michigan wants a “security rating snapshot” of contractors as well as a public portal that details their financial risk.

Why you should consider outcome-based security

Agencies can better align their cybersecurity and business priorities when they have affordable risk management solutions that deliver measurable results.

Cyber agencies unveil updated ransomware guide

The 2023 version offers more detailed, step-by-step guidance and associated recommendations to fortify public and private networks against sophisticated ransomware.

Lawmakers advocate more funds for state fusion centers

Better information sharing across regions and state lines could help counter growing cyberthreats and help law enforcement collaborate, House members said.

A TikTok ban isn’t a data security solution. It will be difficult to enforce – and could end up hurting users

Montana recently banned downloading the popular social media app TikTok within state lines, but some question if the law could be enforced and if it actually protects user's data.

Federal grants could boost whole-of-state cyber defense

The $1 billion State and Local Government Cybersecurity Grant Program requires states to collaborate more closely with their local governments, reinforcing the holistic approach favored in many state capitals.

Should governments ban TikTok? Can they?

A cybersecurity expert explains the risks the app poses and the challenges to blocking it.

Ransomware vulnerability warning pilot yielding valuable lessons, CISA official says

The program aims to improve information sharing on cyber vulnerabilities across all levels of government, focusing on resource-poor organizations such as state, local, tribal and territorial agencies.

State auditor seeks cyber readiness evaluation for agencies with DOD contracts

The Colorado Office of the State Auditor wants to be sure that agencies that receive funding from the Defense Department can meet DOD’s Cybersecurity Maturity Model Certification requirements.

Enforcement questions dog state’s proposed TikTok ban

One expert derided legislation like Montana’s statewide ban on TikTok as “breathtakingly obtuse” and unenforceable from a technological point of view.

Voting machines must be test hacked for certification, under proposed bill

The new law would require cybersecurity penetration testing as part of voting systems’ approval process.

Lessons from ‘Star Trek: Picard’ – a cybersecurity expert explains how a sci-fi series illuminates today’s threats

Centrally administered systems offer cost savings and advanced capabilities, but could expose Earth-bound organizations to potential risks and vulnerabilities when used without proper precautions.

Why take the whole-of-state approach to ransomware protection and remediation

COMMENTARY | Using the best cybersecurity policies and data protection technology in a statewide framework allows local agencies to say no to any ransom demands, confident that their data is securely backed up and easily accessible.

How government can build secure and frictionless digital identity programs

States that lost millions to fraud during the pandemic have plenty of ways to tighten their ID management programs, a new playbook suggests.

State-sponsored actors leading cause of cyber concern in public sector

A new SolarWinds report details how foreign hackers have become the largest concern among government entities, and how zero-trust strategies have become the most popular defense.

CISA, FBI need data from cybercrime victims to support policy

The federal agencies tasked with tracking and preventing cybercrime rely on collaboration and data sharing to protect U.S. digital networks.