Cyber Circuit – December 2022

Updates from the Resource Center for State Cybersecurity team, December 30, 2022

Motorola’s Public Safety Threat Alliance Information Sharing and Analysis Organization Provides Public Safety-Focused Cyber Threat Intelligence

Cyber threats to public safety organizations are increasing in scope, scale, and complexity, but many agencies are challenged by a lack of cybersecurity resources required to mitigate risk and ensure continuity of public safety operations. To address this critical need, Motorola Solutions established the Public Safety Threat Alliance (PSTA). The PSTA, a U.S. Cybersecurity and Infrastructure Security (CISA)-recognized information sharing and analysis organization (ISAO), is focused on cyber threats to public safety.

Membership in the PSTA is free for all public safety agencies, and organizations can learn more and register for membership today here.

NICE Conference: Call for Speakers

The National Initiative for Cybersecurity Education (NICE) 2022-23 planning committee is seeking timely, topical, and thought-provoking presentations for its annual conference and expo, which is set to take place in Seattle, Washington from June 5-7, 2023. The deadline to submit a proposal is January 22, 2023.

To learn more, click here.

NICE Webinar: Optimizing Your LinkedIn Profile for Your Cybersecurity Career

Thursday, January 26, 2023 | 2:00 – 3:00 P.M. EST

NICE is hosting a webinar on January 26, 2023 from 2:00-3:00 P.M. EST, during which LinkedIn pros will share tips and tricks on how to optimize your LinkedIn profile so that employers, recruiters, and other professionals can easily find you and help you grow your network with the goal of advancing you in your cybersecurity career. Attendees will also hear about the latest labor market trends in cybersecurity as seen through LinkedIn’s unique data.

Register for the event here.

Cybersecurity Resources

State Cyber Scan

Governor Hochul Signs Nation-leading Legislation to Protect Energy Grid from Cyber Threats | New York Office of the Governor December 23, 2022

New York Governor Kathy Hochul signed a bill to take actions to protect the state’s energy grid from cybersecurity incidents. The measure passed unanimously in both the New York State Assembly and Senate, following guidance from President Joe Biden that states establish minimum cybersecurity requirements for critical infrastructure. The legislation will require utilities to prepare for cyber attacks in their annual emergency response plans and ensure customer data is secured.

Gov. Justice announces West Virginia to become first state in the country to digitize vehicle titles | West Virginia Office of the Governor December 14, 2022

West Virginia Governor Jim Justice revealed that in early-2023, the state will become the first in the country to digitize vehicle titles and the process to acquire vehicle registrations through the Department of Motor Vehicles’ (DMV) online portal. The move will enable residents to conveniently keep their vehicle title on their smartphones. This development reflects the governor’s priority to modernize and improve experiences at the DMV. 

Executive Order No. 602: Establishing the Massachusetts Cyber Incident Response Team | Massachusetts Office of the Governor December 14, 2022

On December 14, Massachusetts Governor Charlie Baker, recognizing the growing cybersecurity threat, issued an executive order (EO) to establish a cyber incident response team in the Commonwealth. The mission of the Massachusetts Cyber Incident Response Team (MA-CIRT) is to enhance the Commonwealth’s ability to prepare for, recover from, and mitigate significant cybersecurity incidents. The MA-CIRT will maintain a statewide cyber incident response plan, which will be reviewed by the governor annually.

Read the full EO here

U.S. Senate passes bill to bar federal employees from using TikTok on government-owned devices | Reuters December 14, 2022

This month, the U.S. Senate passed by voice vote a bill to restrict federal employees from using Chinese-owned app, TikTok, on government-owned devices. The bill must still be approved by the House of Representatives before the current congressional session to reach the president’s desk. Many federal agencies, including the Department of Defense, Homeland Security, and State have already banned its use. TikTok, meanwhile, has said the concerns are largely fueled by misinformation they are happy to address with policymakers.

Why state governments are banning TikTok | The Hill December 14, 2022

To date, almost half of all U.S. states have recently enacted bans on the use of TikTok by state employees. Specifically, the app has been most targeted by Republican lawmakers who say the Chinese government could access its user data like browsing history and location. As states look to secure their own networks, the Biden Administration is engaged in talks with TikTok over a possible agreement aimed at resolving American security concerns.

Tech Counties Boomed in Pandemic, New Data Shows | Stateline December 13, 2022

A recent analysis of 2019-2021 economic data conducted by the Pew Charitable Trusts found that the nation’s tech centers thrived as demand for remote work software and food delivery and streaming services surged. Santa Clara County, California; Travis County, Texas; and King County, Washington were among the counties that saw the highest real GDP growth rates. However, data shows that these trends are returning to pre-2019 levels and tech employment has fallen as layoffs have been taking place across the industry. 

LockBit ransomware crew claims attack on California Department of Finance | CyberScoop December 12, 2022

Ransomware gang LockBit took credit on a recent ransomware attack on the California Department of Finance. LockBit claimed it stole access to databases, confidential data, financial documents and sexual proceedings in court; however, the state has not confirmed the validity of the group’s statements, beyond recognizing that a breach did occur. The state’s Cybersecurity Integration Center is currently working to investigation the intrusion. 

$858 billion defense bill focuses heavily on cyber. These are some highlights. | CyberScoop December 7, 2022

The 2023 National Defense Authorization Act lays out some notable cybersecurity provisions, including the allocation of $44 million toward U.S. Cyber Command to augment its “hunt forward” missions, a requirement that the Secretary of Defense brief lawmakers annually on Cyber Command/National Security Agency collaboration, and FedRAMP reform.

TikTok Is Sued by State of Indiana, Accused of Targeting Young Teens With Adult Content| The Wall Street Journal December 7, 2022

Early this month, Indiana filed a pair of lawsuits against TikTok, claiming the platform is deceiving consumers about its content and data security. The first alleges that TikTok’s algorithm is designed to addict young users and promotes harmful, inappropriate content, while the second lawsuit raises concerns about China’s use of TikTok to spy on, blackmail, and coerce users to advance its national security and economic interests. 

As Arizona prepares for new governor, its CISO focuses on Super Bowl | StateScoop December 6, 2022

As Arizona prepares for its gubernatorial transition, the state’s homeland security director and chief information security officer is simultaneously gearing up to host the Super Bowl, which requires not only the securing of physical assets, but the protection of all of the IT assets that go into pulling off the big game, including mobile ticketing apps, streaming media and cashless transactions with stadium vendors. To be successful, these efforts demand collaboration between state agencies, the federal government, and the NFL’s security and technology teams. 

NGA Government Relations Updates

Press Release: NGA Commends Congress for Passing the Fiscal Year 2023 Defense Spending Legislation | December 15, 2022

NGA Chair Governor Phil Murphy of New Jersey and Vice Chair Governor Spencer Cox of Utah released the following statement after the House and Senate passed the Fiscal Year 2023 National Defense Authorization Act (NDAA):

“Governors thank Congress for passing robust funding to ensure the continued readiness of the National Guard through personnel and equipment. Governors note how important this funding is, in light of both the massive responses to the 2022 hurricane and wildfire seasons, as well as ongoing disaster response operations. The continued support from Congress provides the National Guard with well-maintained and modernized equipment, greater reliability and improved readiness for life-saving missions undertaken on behalf of our nation during disasters and emergencies.”

Read the full statement here. President Biden signed the NDAA into law on December 23rd. His official statement can be found here.