Cybersecurity

New Law Aims to Help Localities Shift to '.Gov' Web Addresses

Many local governments rely on “.com” or “.org” URLs, making it easier for cyber criminals to trick users with imposter websites.

The Hack Roundup: Treasury Briefing Reignites Encryption Debate

Here are the news and updates about the suspected Russian hack you may have missed.

SolarWinds Hack Also Hit States and Local Governments, Reports Say

STATE AND LOCAL ROUNDUP | Experts worry local news could spread anti-vax conspiracies … Minnesota officials want to keep up fence around state capitol .... Massachusetts town sets out empty chairs as Covid memorial.

What We Know About the SolarWinds Breach

The White House invoked Presidential Policy Directive-41 to coordinate a "whole of government" response.

FBI, CISA, State Leaders Warn Schools About Ransomware Threats

The percentage of ransomware attacks perpetrated against schools more than doubled in 2020.

These States Are Best Prepared for Challenges to Cybersecurity, Civic Tech

A state-by-state analysis by the Internet Association, a trade group for tech companies, examines states' IT modernization efforts against a handful of metrics.

A Big 2020 Election Hack Never Came. Here’s Why.

America’s cyber defenders are getting more proactive—and more chatty.

New Bill Would Codify States’ Ability to Use Federally Funded National Guard for Cybersecurity

National Guard troops currently being activated to monitor cybersecurity in the upcoming elections are paid for by states.

The Current and Future State of State IT Operations

COMMENTARY | Future trends in state IT were highlighted during the 2020 NASCIO Annual Conference.

How State IT Officials Ramped Up Capacity, Security As Workers Went Remote

From increasing the capacity of VPN infrastructure to rethinking the IT help desk, chief information officers had to address new challenges during the early days of the coronavirus pandemic.

Following Ransomware Attack, Tyler Technologies Advises Clients to Change Passwords

The company is a leading provider of software to state and local governments. So far, it says it looks like the security breach has affected only its internal computer systems.

Foreign Hackers Cripple Texas County’s Email System, Raising Election Security Concerns

The malware attack, which sent fake email replies to voters and businesses, spotlights an overlooked vulnerability in counties that don’t follow best practices for computer security.

How Good Is Your Phishing Training? A New Tool Could Help Figure That Out.

Researchers at the National Institute of Standards and Technology are looking to pool more data from outside organizations to further refine it.

How the Coronavirus Pandemic Fueled Ransomware Attacks

Speaking at a cybersecurity summit, federal law enforcement officials said hackers have exploited the public health crisis to launch new attacks.

Bipartisan House Bill Targets Improving Digital Identity Verification

The measure would create a task force of local, state and federal officials to produce a comprehensive, standards-based approach to digital identity verification.

From Hunted to Hunter: Building a Proactive Government Cybersecurity Strategy

COMMENTARY | Thinking like the enemy can improve state and local officials’ cybersecurity defenses.

Covid Could Spur Reduced Reliance on Classified Sources of Cyber Intelligence

CISA officials highlighted cloud configuration and VPN vulnerabilities in assessing threats associated with the pandemic.

Cyberattacks Threaten Unprepared Virtual Schools

Remote learning means that schools and their students are spending more time online. Cybersecurity awareness needs to be a key piece of successful virtual classrooms.

States Experiment with Automation to Bolster Cybersecurity

A new pilot program overseen by Johns Hopkins University's Applied Physics Laboratory hopes to cut down on the time it takes for governments to respond to potential cyber threats by automating the process.

CISA, International Counterparts Highlight Mistakes Organizations Make After a Cyber Intrusion

A lot of what’s necessary to appropriately respond to a cyber incident should happen way in advance.