Credentials, the Keys to the Kingdom
On August 30th, I was honored to be the keynote speaker at a lunch and learn event organized by Proofpoint Inc. in Palo Alto, California....
Interagency Connections: Strengthening Cybersecurity in an Interconnected World
Mitigating Risks in Interconnected Government Systems Imagine a scenario where a government agency, City A, with which your organization...
Cyber Risk Update 10 MAR 2023
Cyber Risk Update for March 10, 2023. Bonus Managing Cyber Risks in Local Government: The Need for Comprehensive Risk Management Programs...
Reporting to Council: Why Local Governments Should Use the NIST Cybersecurity Framework
The blog post discusses how the NIST Cybersecurity Framework can be an effective tool for reporting on cybersecurity to council members.
Local Government Officials Guide to Cybersecurity (Oct 2022 Update)
Ron and I recently presented at the MISAC conference in Monterey and were thrilled to see that our session on involving governing bodies...
The Local Government Officials Guide to Cybersecurity
Ron, Cesar, and I (Don) are currently collaborating on a new professional guide for executives in local government on the topic of...
Cybersecurity Policy Coverage
What topics need to be covered in cybersecurity policies? In this post, I will cover the required cybersecurity policies from various...
Policy, Procedure, or Plan
Some standards like PCI and NIST require policies that cover specific topics. Sometimes you will see a requirement for a policy and...
Cybersecurity Policies Made Easy
People often ask for advice regarding information security or cybersecurity policies. For the remainder of this article, I will use...
Cybersecurity Policy for Local Governments
Here is a sample high-level cybersecurity policy for a city, district, or county. It is designed to be a high-level statement adopted by...
