There are supply chain risks when we use cloud services: Two misconfigured AWS S3 buckets apparently belonging to McGraw Hill exposed more than 117 million files belonging to hundreds of thousands of students. https://www.theregister.com/2022/12/20/mcgraw_hills_s3_buckets_exposed/ Threat Actors have been using a triple extortion method to get organizations to pay the ransom: Ransomware hackers take demands directly to college students: ‘For you, it’s a sad day’ https://www.nb

Supply Chain Risks - emergency services often rely on satellite communications. Suspected Russian Hackers Infiltrated U.S. Satellite Network https://www.cyberscoop.com/apt28-fancy-bear-satellite Local Governments are still a target Little Rock School District approves $250K payment in ransomware settlement https://www.cybersecuritydive.com/news/little-rock-school-ransomware-payment/639083/ Election disinformation campaigns fizzled, but still concerning https://www.cyberscoop.

Data Breaches The County of Tehama, California, says personal information was compromised in a data breach. https://www.securityweek.com/california-county-says-personal-information-compromised-data-breach A regional transit district had a cybersecurity incident last month. A notorious and prolific ransomware operation claimed on Monday to have stolen 76 gigabytes of data from the California Department of Finance. https://www.cyberscoop.com/lockbit-ransomware-california-depart

Governments do create vulnerable systems A website run by the Florida Department of Revenue had been exposing the personal data, including Social Security numbers and bank account information, submitted by individuals filing for business tax registrations. https://statescoop.com/florida-revenue-department-website-exposed-confidential-data/ Cyber Risk is constantly and rapidly changing From vendor evolution to the long-term effects of high-profile attacks, the cybersecurity in

The Board or Council's Role in Cyber Risk Management (encore performance, first presented at MISAC Conference October 2022 in Monterey, CA.) Are you aware of the risks your local government faces in the digital world? In this video, we discuss the importance of cybersecurity for local governments and the critical role of top elected or appointed officials in managing cyber risk. We examine how the growing reliance on data and technology has made cybersecurity a central respon

Cyber Risk for Critical Infrastructure We know that our critical infrastructure will continue to be a top target for digital adversaries. In 2021, according to the FBI, ransomware attacks hit 649 US critical infrastructure entities, and nearly 90% of all US critical infrastructure sectors were hit by a successful ransomware attack. In the past two years alone, 76% of organizations were attacked by ransomware, and 66% experienced at least one software supply chain attack. http