Tag Archives: Cybersecurity and Infrastructure Security Agency

The State of Cybersecurity in the States

Posted on by

State and local agencies are some of the most attractive and vulnerable targets for cyber criminals. In 2023, malware attacks increased by 148%, and ransomware incidents increased by 51%. These agencies are targeted because they hold valuable personal data on citizens and control critical services--yet their security efforts have historically been underfunded and under-resourced. However, the tide may be changing.

A report on the ransomware experiences of state and local government in 2024 showed a dramatic decrease in the number of those organizations that were impacted this year. The report found ransomware attacks impacting 34% of state and local governments, marking a sharp decrease from the 69% affected in 2023. Let's take a look at some of the trends and activities that are fueling the improvement in state and local cybersecurity. Continue reading

Securing the Machines that Drive our Democracy

Posted on by

The devices used in voting are relatively low-tech. In order to avoid cyber threats, even those that use a touch screen to capture votes are intentionally not connected to the internet. However, even this unconnected approach has security risks that need to be addressed so that these devices and the data they hold aren't tampered with. The states and localities that administer elections are continually focused on the full spectrum of security risks, putting processes and systems in place in advance of election day to ensure that voting is safe and secure.

Diversity is a Strength

The diversity of voting machines being used across the country reduces threat impacts. If there is an issue with a piece of software, it won't impact the entire national voting system, just particular machines. While software vulnerabilities are still huge problems, standardizing on one type of machine nationwide would mean one software bug could wipe out all electoral results. Continue reading

How the Healthcare Industry Is Working to Become Immune to Ransomware

Posted on by

The first known ransomware attack occurred in 1989 and was targeted at the healthcare industry. The attention and attractiveness of healthcare organizations to ransomware hackers have not waned in the decades since. In fact, attacks are growing by 70-100 percent year over year. In 2023, there were over 460 ransomware attacks impacting U.S. health organizations, making it the most targeted industry.

This year, a major attack delayed prescription fillings and led to cash flow issues at facilities across the country. The American Healthcare Association said that 94% of hospitals have reported financial impact from the incident, with some losing upward of $1 billion per day in revenues. Continue reading

Department Spotlight: Health and Human Services

Posted on by

In its work to "enhance the health and well-being of all Americans," the Department of Health and Human Services (HHS) oversees more than 100 programs across 13 agencies. Ten of these agencies are focused on public health, with three having human services as their main mission.

Across all of these agencies, there is a shared focus on the secure and ethical use of technology to improve public health and wellbeing. In 2023, HHS had an IT budget of $8.5 billion. Despite this spending, HHS has struggled to meet federal requirements. It did not score well on a cybersecurity audit, partly due to a lack of coordination among the operating units. Continue reading

Agency Spotlight: Environmental Protection Agency

Posted on by

The Environmental Protection Agency's (EPA) mission is to protect human health and the environment. That is accomplished through a number of key efforts, including developing and enforcing regulations, providing grants, studying environmental issues, sponsoring partnerships, and educating the public about the environment through programs and publications.

While the mission of the EPA is decidedly focused on the health of the earth, the challenges it addresses are increasingly coming from cyberspace, with cyber threats becoming a key focus of organizations utilizing natural resources. Continue reading