2018 update on cybersecurity for local governments. This year marks the rise of the new threat to Local Government from nation states and the new risks to local governments. Costs for suffering cyber-attacks can be crippling to local governments. In addition, 93% of incidents are directly related to the human vulnerability. Most importantly strengthening the human firewall is a must to reduce risk. A strong cybersecurity awareness program is necessary. One update since I d

A popular attack or threat vector for cybercriminals is to send an email pretending to be from a top-level executive or in the case of local governments the City Manager. The email is designed to manipulate an employee to disclose information, transfer money, or click on a link that leads to malware. This type of an attack is called business email compromise or CEO fraud. Both names may be a bit misleading but that is what is called by the FBI and FTC. In a previous post,

People often ask for advice regarding information security or cybersecurity policies. For the remainder of this article, I will use cybersecurity and information security interchangeably. Nearly always it is a loaded question, exactly what do they mean by policy? Cybersecurity documentation for organizations comes in many levels and is influenced by a number of internal and external sources. Within an organization, there may be four levels of cybersecurity documentation.

Cyber scams and online fraud continue to evolve. Law enforcement and cybersecurity professionals try to prevent online fraud by educating people on the typical methods used by cybercriminals and fraudsters. Criminals respond necessarily by continuously changing their tactics in order to continue to defraud victims. Much like the arms race, each side escalates to get ahead of the other. It may seem defeatist or pessimistic, but it is not. It simply means we must remain vig

Here is a few videos about how to catch people who are lying. This is useful if you are an investigator or auditor. Deception is a key for criminals and fraudsters. The need to get to the truth is important for any investigator or auditor. How can you determine if someone is being deceptive and how do you get to the truth? Former CIA Officer Will Teach You How to Spot a Lie l Digiday In this participatory session, you will learn how to tell when someone is lying. Really. As a