Calls for cyber framework harmonization ramp up

Efforts to streamline cybersecurity regulations across governments, industries and sectors are underway. The nationwide program StateRAMP has launched its initiative to standardize those rules and regulations.

What is ‘reasonable cybersecurity’?

The term is used in policy after policy. But with no standard definition, networks are often left unprotected and open to lawsuits. That is changing.

‘Death by a thousand cuts’: A look at Big Tech’s efforts to influence data privacy

Maine’s struggles to pass such a law have familiar ring for Maryland lawmakers.

Identifying and mitigating third-party IT risks

COMMENTARY | Transparency, accountability and collaboration with vendors can help agencies reduce the risks associated with third-party contracting.

FCC approves pilot to boost cybersecurity in schools

Amid a rapid increase in ransomware attacks on k-12 schools, the commission is allocating $200 million over three years to strengthen cyber protections.

Connect with state & local government leaders

Proposed federal AI roadmap would fund local election offices

Amid warnings that artificial intelligence could “totally discredit our election systems,” a group of U.S. senators released a sprawling roadmap that includes grant funding to keep elections safe from AI.

Why cybersecurity begins with users

COMMENTARY | Employees who are the least aware of security threats often present the biggest risk.

New cyber range helps future tech workers wargame cybersecurity

Fulton-Montgomery Community College in New York will open its range to students this fall, making it the first in the nation to offer one on campus as part of its academic curriculum.

More than 70% of surveyed water systems failed to meet EPA cyber standards

The agency says it will take certain enforcement actions in cases where there is imminent danger from a cyberthreat against water infrastructure.

Whole-of-state program delivers security that’s ‘antivirus on steroids’

Woodbury, Minnesota, was one of the first cities to take advantage of the subsidized managed detection and response solution.

National DELETE Act included in privacy discussions

California already has a law that gives consumers more control over the data held on them by data brokers. A federal effort would give Americans a central place to request it be deleted by all brokers.

National data privacy standard would preempt state efforts

A bill in Congress would supersede more than a dozen state laws. While most support a national standard, some state leaders and experts worry the legislation’s preemption provisions are too prescriptive.

Lessons learned from whole-of-state cybersecurity efforts

More than two years into the federal cybersecurity grant program, state and local tech leaders say information sharing between the different levels of government is the most important aspect of the approach.

How hurricane response helped one state’s cyber preparedness

Local governments in Louisiana are used to having the National Guard come in during natural disasters. Today, they are growing used to the guard coming in during a cyberattack, too.

Survey: Few states have ‘established’ privacy program

As states race to protect Americans’ data, the number of chief privacy officers has increased in state government. Still, a majority reported in a recent survey that they are building their programs.

States warned of ‘recent and ongoing’ cyber threats to critical infrastructure

The EPA and White House acknowledged water systems and other utilities “often lack the resources” to adopt rigorous cybersecurity measures. They want to partner to bolster the current efforts of state and local governments.

Schools are vulnerable to breaches—and hackers know it

Schools face unique challenges in shoring up their cyber defenses. Just ask Baltimore County Public Schools. It suffered a successful attack in 2020, and while its cyber protection has improved, it still faces roadblocks.

As cyber grant program hits the halfway mark, feds laud states’ progress

Two years into the $1 billion program, state and local governments are better prepared for cyber attacks. But funding remains an obstacle as under-resourced cybersecurity budgets struggle to keep up with mounting threats.

Is the US privacy policy good enough?

COMMENTARY | A disjointed approach plagued by compromises is making American data privacy policy more complicated and less effective in delivering the protections people desperately want and need to see.

If schools won’t ban kids’ cellphones, some lawmakers say, they will

Florida now bans cellphones during class, and lawmakers elsewhere like the idea.