Cybersecurity

More than 70% of surveyed water systems failed to meet EPA cyber standards

The agency says it will take certain enforcement actions in cases where there is imminent danger from a cyberthreat against water infrastructure.

Whole-of-state program delivers security that’s ‘antivirus on steroids’

Woodbury, Minnesota, was one of the first cities to take advantage of the subsidized managed detection and response solution.

National DELETE Act included in privacy discussions

California already has a law that gives consumers more control over the data held on them by data brokers. A federal effort would give Americans a central place to request it be deleted by all brokers.

National data privacy standard would preempt state efforts

A bill in Congress would supersede more than a dozen state laws. While most support a national standard, some state leaders and experts worry the legislation’s preemption provisions are too prescriptive.

Lessons learned from whole-of-state cybersecurity efforts

More than two years into the federal cybersecurity grant program, state and local tech leaders say information sharing between the different levels of government is the most important aspect of the approach.

Connect with state & local government leaders

How hurricane response helped one state’s cyber preparedness

Local governments in Louisiana are used to having the National Guard come in during natural disasters. Today, they are growing used to the guard coming in during a cyberattack, too.

Survey: Few states have ‘established’ privacy program

As states race to protect Americans’ data, the number of chief privacy officers has increased in state government. Still, a majority reported in a recent survey that they are building their programs.

States warned of ‘recent and ongoing’ cyber threats to critical infrastructure

The EPA and White House acknowledged water systems and other utilities “often lack the resources” to adopt rigorous cybersecurity measures. They want to partner to bolster the current efforts of state and local governments.

Schools are vulnerable to breaches—and hackers know it

Schools face unique challenges in shoring up their cyber defenses. Just ask Baltimore County Public Schools. It suffered a successful attack in 2020, and while its cyber protection has improved, it still faces roadblocks.

As cyber grant program hits the halfway mark, feds laud states’ progress

Two years into the $1 billion program, state and local governments are better prepared for cyber attacks. But funding remains an obstacle as under-resourced cybersecurity budgets struggle to keep up with mounting threats.

Is the US privacy policy good enough?

COMMENTARY | A disjointed approach plagued by compromises is making American data privacy policy more complicated and less effective in delivering the protections people desperately want and need to see.

If schools won’t ban kids’ cellphones, some lawmakers say, they will

Florida now bans cellphones during class, and lawmakers elsewhere like the idea.

17 million cyberattacks a day: How Oklahoma stops 99% of them

In a recent interview, the state’s CISO talks about zero trust, the upside to COVID and triaging the state’s aging tech infrastructure.

States push feds for greater online privacy protections for children

A bipartisan coalition of 43 attorneys general is urging the Federal Trade Commission to expand the definition of “personal information” to keep up with changes related to smartphones and social networks that play an increasing role in everyone’s life – including children.

With AI, anyone can be a victim of nonconsensual porn. Can laws keep up?

States around the country are scrambling to respond to the dramatic rise in deepfakes, a result of little regulation and easy-to-use apps.

FTC cracks down on AI impersonation scammers

The Federal Trade Commission is looking to extend its authority to target fraudsters impersonating individuals in scams. The proposed rule covers the misuse of generative artificial intelligence and other technologies.

See something, say something: Ethical hackers strengthen cyber resilience

Cities and states are increasingly adopting vulnerability disclosure policies that encourage “white hat” or ethical cybersecurity researchers to identify and report security weaknesses in government websites and systems.

Shining a light on shadow AI

Employees sometimes use artificial intelligence websites like ChatGPT to get more work done. But if they do so without approval, they may be putting their agency at risk.

Feds unveil resource for election officials and workers

The webpage provides free resources for state and local officials as they grapple with fears of possible foreign interference in elections and physical threats linked to conspiracy theories.

Who should be in charge of protecting our water systems from cyber threats?

Federal officials don’t agree. Recent hacks on water systems exposed their vulnerabilities. But while some want the EPA to play a stronger role, others emphasized that local systems are best suited to defend themselves.