Cybersecurity

Chief Privacy Officer Martha Wewer reviewed the state’s approach to data protection, AI oversight and consumer privacy on Thursday as Gov. Josh Stein marked a new day of awareness during Data Privacy Week.

There was a record set for data breaches in 2025, and the incidents were also paired with fewer details in notification letters, raising concerns about transparency and public understanding.

Following a turbulent year in cybersecurity, the state Governor’s Technology Office is seeking to hire a new cybersecurity lead to manage risk and compliance. Nevada’s permanent CISO retired in May 2025.

An ambulance billing company has agreed to pay Connecticut and Massachusetts $515,000 for a 2022 data breach that exposed private information of nearly 350,000 residents, officials said.

The nonprofit advisory group GovRAMP reports that its Progressing Security Snapshot Program leads to steady cybersecurity improvements for cloud service providers who sell to government, ultimately boosting trust.

The National Association of State Chief Information Officers’ list reflects pressure on states to manage cyber risk, modernize systems and implement AI responsibly — with federal partnership playing a central role.

Following an internal audit by the city technology office, leaders said they have removed an unknown account that had gained access to confidential legal files. An IT analysis is underway.

Attorney General Dana Nessel is renewing her call for Michigan to pass a law requiring companies to immediately report data breaches to her office, which would allow for quickly alerting the public.

Government security leaders are struggling. Cyber investments are lagging. Resources are being cut. The problem is getting worse. Let’s explore solutions.

Minnesota’s case is one of several breaches of late involving legitimate access, a recurring issue in provider-heavy government health and human services systems.

Its ability to send residents emergency notifications was crippled by the November cyber attack. Since then, the local government has relied on state and federal systems to send out alerts.

In the wake of a scam last year, the state agency has refocused on data encryption and security, and will do monthly cyber training and awareness. It has recovered nearly all of the stolen funds.

A breach in a Minnesota Department of Human Services system allowed inappropriate access to the private data of nearly 304,000 people, with officials saying there is no evidence the data was misused.

A contract with Motorola Solutions will enable the county to do a better job of safeguarding its emergency radio communications system. Tower sites and radio dispatch consoles will get 24/7 security.

With its longtime federal support now withdrawn, one of the country’s largest public-sector cybersecurity support organizations has moved to a new paid model where states handle the bill for its services.

The state of Kentucky granted the University of Louisville $10 million for the construction of a new cybersecurity center, which will include a cyber range and a secure space for sensitive information.

Legislation proposed by Sen. Mary Elizabeth Coleman, R-Arnold, would do away with several state boards and commissions. If it becomes law, the Missouri Cybersecurity Commission would be among them.

Cybersecurity experts say AI and automation are changing how much impact manipulated data can have on government technology systems.