CyberSecurity

It's that time of year again, when villains, creeps and other dangerous characters are testing the locks and doors in your neighborhood ― virtually.

Welcome to readers who found their way here during the 2021 International Fraud Awareness Week! We first posted this article in September 2020, and the threat of bad actors diverting paychecks or vendor payments remains acute since so many of us are working remotely and doing business electronically. Please take a moment to understand how these schemes work, and consider our tips on how to protect your organization.

The Center for Internet Security (CIS) is known for developing an array of cybersecurity controls and leading practices that can help organizations of all sizes protect their IT systems and data. In June, CIS recognized our cybersecurity auditors for their work applying the CIS Controls system to help Washington's state and local governments.

As local government workers get accustomed to working from home, there are a couple things our information technology experts here at the State Auditor's Office consider to be some especially risky areas. This blog post will cover the highest risk areas we can think of, but there others you might be encountering.

Make no mistake about it, organizations are fighting a war against ransomware. As in any war, it helps to know when your adversary's strategy changes in a major way.

And that is exactly what has been happening in the past few months, according to Roger A. Grimes, a cybersecurity expert with KnowBe4, a cybersecurity training company. The bad guys have found new ways to make you pay up, and they aren't taking no for an answer.

John F. Kennedy once said, “The time to repair the roof is when the sun is shining.” Unfortunately, for some governments such as City of Baltimore or the City of Atlanta who came under attack, the sun is not exactly shining as they battle ransomware on their systems – spending significant amounts of time and money to get back to normal operations. And they are not alone; ransomware is on the rise for governments as a whole.

If you are one of the fortunate governments that have not experienced ransomware, let's keep it that way! Here are five steps to help you get started:

By the Center for Government Innovation

Estimated reading time: 1 minute

October ushers in the official fall—leaves scattering on the sidewalks, longer nights and a chilling breeze. The month of October also has special significance here at the State Auditor's Office—Cybersecurity Awareness Month.

The headlines appear nearly every day — local governments across the country are becoming victims of cybercrime. The reality of modern, connected government means that sensitive data, information and infrastructure are targets for cyber-attack. This reality can seem scary and overwhelming, and something that's best left to the experts in your IT department to handle. IT departments certainly play a key role, but did you know that cybersecurity is actually the responsibility of everyone who works for a local government?

By Team IT Audit

Estimated reading time: 3 minutes