Cybersecurity

Cyber training is key to help underserved communities, report finds

States must work to develop cybersecurity professionals in areas that have been left behind, and can use relationships with schools and nonprofits to do so, according to a new NASCIO report.

State and local security adjusting to shifting cyber threats, insurance requirements

COMMENTARY | Ransomware and other threats are making cyber insurance—and the stronger security needed to qualify for it—imperative for government organizations.

Russian email domains sent uncredible bomb threats to polling places, FBI says

Kremlin-backed actors have a long record of sowing fear and disinformation into the U.S. election process.

New art exhibit helps make cyber issues real

The show in Alexandria, Virginia, explores issues like privacy, artificial intelligence and misinformation through artistic expression.

Why Cybersecurity Awareness Month should be every month

COMMENTARY | Cybercrime costs have surpassed $10 trillion globally, illustrating the relentless threat and why state CISOs say they want the spotlight on cybersecurity year-round.

What states learned from the CrowdStrike outage

Three months since a faulty update caused outages and disruptions worldwide, state CIOs are looking back and assessing how they did.

Amid tight budgets and talent gaps, the job of state technology chief just keeps expanding

Many state chief information security officers say they don’t have a reliable budget, staff or expertise to adequately protect against cyberattacks, according to a new survey.

How two states have spent their share of the $1B in cybersecurity grants

With little precedent for such a big federal investment in cybersecurity, states have largely had to write their own playbooks on how to distribute the funds to local governments.

How the nation’s largest school system keeps students safe

By thinking of physical and digital safety as the same, the New York City schools are preparing their systems for ever-evolving technologies.

Crowdstrike debacle underlines single-point-of-failure risk

COMMENTARY | As our dependency on technology and energy increases, state and local leaders need to take a hard look at their disaster recovery and business plans.

Texas’ $1.4B settlement with Meta highlights the need for data privacy protections, experts say

Attorney General Ken Paxton secured an eye-watering sum for Facebook’s alleged misuse of facial recognition tech. But observers argue that states need to go further and put more teeth in privacy laws.

Cyberattacks still ravage schools, defying White House efforts launched last year

Thousands of school districts have tapped into resources committed by the private sector to shore up their cyberdefenses.

Using ‘mindfulness’ to train employees against cyberattacks

Ohio has launched a cyber range that promises a different curriculum for state and local employees than the standard, once-a-year cyber training most public employees get.

The nation’s first law protecting against gift card draining has passed. Will it work?

Despite industry pushback, Maryland became the first state to require secure packaging for most gift cards sold at stores. “It will change packaging nationally,” one retail insider predicted.

Tribal governments receive first-ever cyber grants

Having seen states and localities receive hundreds of millions of dollars already, the feds announced $18.2 million for 32 tribal nations.

Calls for cyber framework harmonization ramp up

Efforts to streamline cybersecurity regulations across governments, industries and sectors are underway. The nationwide program StateRAMP has launched its initiative to standardize those rules and regulations.

What is ‘reasonable cybersecurity’?

The term is used in policy after policy. But with no standard definition, networks are often left unprotected and open to lawsuits. That is changing.

‘Death by a thousand cuts’: A look at Big Tech’s efforts to influence data privacy

Maine’s struggles to pass such a law have familiar ring for Maryland lawmakers.

Identifying and mitigating third-party IT risks

COMMENTARY | Transparency, accountability and collaboration with vendors can help agencies reduce the risks associated with third-party contracting.

FCC approves pilot to boost cybersecurity in schools

Amid a rapid increase in ransomware attacks on k-12 schools, the commission is allocating $200 million over three years to strengthen cyber protections.