Tag Archives: CA

National Cybersecurity Strategy: Building a More Secure Future

Posted on by

In March, the Biden Administration released the latest guidance aimed at improving the cybersecurity practices of Federal agencies. The National Cybersecurity Strategy builds on the Executive Order for Improving the Nation's Cybersecurity that makes cybersecurity a strategic focus of every agency. This latest guidance drills further into the actions needed to ensure that government systems and citizen data are protected against the ever-evolving threat landscape.

The goal of the strategy is to "rebalance the responsibility to defend cyberspace" and "realign incentives to favor long-term investments." To do this, the responsibility for cybersecurity must be shifted to the organizations that are most capable and best-positioned to reduce risks. It points out that, "a single person's momentary lapse in judgment, use of an outdated password, or errant click on a suspicious link should not have national security consequences." While security is the responsibility of everyone, small businesses, small localities, and individuals simply do not have the resources to support the security needed to protect systems and data. Instead, the guidance proposes new incentives to favor long-term investments in security, resilience, and new technologies. Continue reading

Creative Solutions to Close the Cybersecurity Skills Gap

Posted on by

In the last 12 months, more than 769,000 cybersecurity jobs were posted in the United States. Unfortunately, there are not enough trained cyber professionals to meet this need across government and private industry, but the roles need to be filled. A report issued by the Government Accountability Office (GAO) in late 2021 named the cybersecurity skills gap as a leading cause of risk for Federal agencies. To meet this need and risk head-on, the government is coming up with creative ways to fill cyber positions.

Funding Scholarships

The DoD had been looking to set up military-style academies focused on cyber education; however, the direction has shifted in the latest National Defense Authorization Act. The latest proposal recommends establishing a DOD Cyber and Digital Service Academy within existing universities and colleges. This means that students studying certain cyber and digital service disciplines could receive up to five years of tuition and room and board. In exchange, recipients would agree to work for the DoD for the same number of years that they received the scholarship. This is not unprecedented. The National Science Foundation's CyberCorps Scholarship for Service Program has been in place since 2000. It has placed over 4,500 people in government organizations including DoD, the National Security Agency and state and local governments in return for their scholarship. Continue reading

Virtual Court is Here to Stay

Posted on by

Like many industries, the pandemic forced the court system to rethink how they deliver services and carry out everyday business. Courts had been slow to adopt technology with e-filing and e-notarization being the biggest digital changes over the last several decades. Hearings were still in person with remote testimony a rarity. This meant that lawyers might have to travel hundreds of miles for a 15-minute hearing. Even in the face of this inefficiency, there was no big push to change. Then came COVID.

More Than a Pandemic Fix

Zoom-based hearings became commonplace to facilitate cases while keeping all participants safe. But as the pandemic restrictions on in-person extended, courts nationwide started seeing huge benefits to the online process.

Virtual hearings increased participation by defendants. In Arizona, between 2019 and 2020, a Pew study found that there was an 8% drop in default judgments - judgments where the plaintiff wins simply because the defendant failed to appear. Attendance among jurors also increased. Texas saw a big spike in juror attendance after the transition to an online system. Continue reading

IoT in Government: How Government is Using Digital Twins

Posted on by

Digital twins are virtual, 3D representations of buildings, neighborhoods, or products built with real-world data collected from internet-of-things (IoT) devices like sensors, video cameras, and other enterprise data applications. These twins allow researchers, planners, and policymakers to experiment with changes to the object or environment to see if the desired results of that change are achieved. Applications include infrastructure improvement, sustainability planning, emergency response preparedness, and research and development. IoT in government is being driven by the results digital twins can achieve. One report showed that cities can expect to save $280 billion by 2030 with the deployment and use of digital twins. Continue reading

Schools Have to Learn the ABCs of Ransomware

Posted on by

Ransomware has traditionally been a practice where cybercriminals encrypt data and demand ransom in exchange for a decryption key. More recently, a growing number of these bad actors threaten to make this information public if they do not get paid. This shift in the practice of ransomware has increased the "attractiveness" of K-12 schools for cyber criminals. Information about children is among the most highly protected data there is, making it more likely ransoms will be paid to keep it private. For this and other reasons, K-12 schools are seeing an increase in ransomware activity. In 2021, there were at least 62 reported ransomware cases as compared to only 11 in 2018. 2021 also saw ransomware as the most common cyber incident for K-12 schools for the first time ever.

What Gets Compromised in a Ransomware Attack?

An incident in 2020 involving Fairfax County, VA Public Schools resulted in employee social security numbers being posted online. Hackers targeting a school district in Allen, Texas emailed parents with threats to expose their childs' personal information if educators did not pay a ransom. Showing the full swing of ransomware impacts from the serious to the mundane, a 2022 attack on the Griggsville-Perry School District in Indiana had many records compromised and leaked including a detention slip from December 2014 for a student who would not stop interrupting his health class. This shows the breadth of access that hackers had to documents and has led many schools to reexamine their file retention policy to reduce the amount of data accessible to bad actors. Continue reading