The state’s plan addresses how current and anticipated initiatives support its larger goals of building resilience, preparedness and unification across cybersecurity efforts. The strategy takes a holistic approach across sectors.
Officials say the group, called Volt Typhoon, has inserted malware deep in the systems of numerous water and electric utilities that serve military installations in the United States and abroad.
The special group tapped by Gov. John Bel Edwards' administration in 2019 to respond to cyber attacks has been in a state of near constant activation. The costs to the state and local government agencies have spiraled in that time, state data shows.
The proposed voluntary program would let companies feature labels on consumer products that clear certain cybersecurity criteria, helping consumers identify and select items that are less prone to cyber attack.
The attack highlights risks around holiday weekend attacks, targeted software supply chains and the growing popularity of data-theft-based extortion. Still, zero-day exploits comprise only a small slice of extortion attacks.
What could have been a digital quagmire for California’s largest school district served as a chance to hone cyber response and gird its more than 250 applications used by some 1.6 million users.
The state auditor’s office’s new program offers local governments quick assessments of their cyber postures, plus advice for improving. This can help governments get ready while on the waitlist for the state’s more in-depth cyber audits.
A nation-state sponsored actor is using living-off-the-land techniques to hide its activity and spy on U.S. targets, and possibly plan communication disruptions, Microsoft said. CISA and Microsoft released details to help potential victims identify and mitigate the threat.
John Petrozzelli takes over after Stephanie Helm stepped down from the director position in January. He brings cybersecurity experience from his time in the Air Force, FBI and private sector.
The challenges of defending water infrastructure are numerous. Many of the systems in California – and nationwide – are still operating with outdated software, poor passwords and other weaknesses that could leave them at risk.
