《互聯網安全中心（CIS）：2024年網絡安全秋季報告：未來趨勢與防御戰略（英文版）（28頁）.pdf》由會員分享，可在線閱讀，更多相關《互聯網安全中心（CIS）：2024年網絡安全秋季報告：未來趨勢與防御戰略（英文版）（28頁）.pdf（28頁珍藏版）》請在三個皮匠報告上搜索。

1、Fall 2024Fall 2024The Latest Evolution The Latest Evolution in Cybersecurity in Cybersecurity Best Practices with Best Practices with CIS Critical Security CIS Critical Security Controls Version 8.1 Controls Version 8.1 Defending Against Defending Against Threat Actors in Threat Actors in the Increa

2、singly the Increasingly Intertwined Cyber and Intertwined Cyber and Physical DomainsPhysical DomainsKey Trends Shaping Key Trends Shaping the Future of Security the Future of Security OperationsOperationsTackling the Unique Tackling the Unique Cybersecurity Cybersecurity Challenges Facing Challenges

3、 Facing Law Enforcement Law Enforcement and Public Safety and Public Safety Organizations Organizations Adapting Adapting for the for the Future Future In order to stay one step ahead of cyber In order to stay one step ahead of cyber threat actors and effectively defend their threat actors and effec

4、tively defend their critical assets against cyber attacks,critical assets against cyber attacks,organizations need to be prepared to organizations need to be prepared to change with the times and foresee the next change with the times and foresee the next cybersecurity challenges approaching on the

5、cybersecurity challenges approaching on the horizonhorizonA PUBLICATION FROMAd PlacementActive defense against cybersecurity threatsActive defense against cybersecurity threatsGet StartedFall 2024iContentsFeatured ArticlesCIS Critical Security Controls Version 8.1 ReleasedNew updates to our globally

6、 recognized security best practices,including updated alignment to industry standards and frameworks,revised asset classes and safeguards,and other new additions3The Critical Importance of Cybersecurity for Law Enforcement and Public SafetyEvaluating and addressing some of the unique cybersecurity c

7、hallenges facing law enforcement and public safety organizations6How to Deter Multidimensional Threats in the Connected WorldAn evolving threat environment that combines cyber attacks,information operations,and physical,real-world operations calls for a new strategy for response and defense10The Fut

8、ure of Security Operations in SLTT OrganizationsA look at the key trends and new technologies shaping the future of security operations within SLTT organizations14Quarterly RegularsQuarterly Update with John Gilligan1News Bits&Bytes2Cyberside Chat 17ISAC Update18Event Calendar20Fall 2024 Volume 8 Is

9、sue 3Editor-in-ChiefMichael MineconzoSupervising EditorLaura MacGregorCopy EditorsAaron PerkinsDavid BissonAutum PylantStaff ContributorsJohn CohenStephanie GassJames GlobeCharity OtwellAaron PerkinsKaren SoradyCybersecurity Quarterly is published and distributed in March,June,September,and December

10、.Founded MMXVII.Published by Center for Internet Security,31 Tech Valley Drive,East Greenbush,New York 12061For questions or information concerning this publication,contact CIS at infocisecurity.org or call 518.266.3460 2024 Center for Internet Security.All rights reserved.Ad Placementwww.sans.org/p

11、artnerships/slttFall 20241 QuarterlyUpdate with John GilliganThis past summer,we saw a continued increase in cyber attacks ransomware,data exfiltration,denial of service leading to service disruptions as well as loss of intel-lectual property and personal information.In fact,these attacks have becom

12、e so frequent that we have come to accept them as a part of modern life.What is being masked,however,is the growing threat from foreign governments who are systematically working to under-mine confidence in our government,our leaders,and our election processes,often using a combination of cyber and

13、misinformation or disinformation attacks delivered through social media.Public reporting by the intelligence agencies and the FBI have also highlighted increasing efforts by foreign governments to compromise our crit-ical infrastructure,opening the United States up to a“Pearl Harbor”attack at the ti

14、me of our adversaries choosing.Reports of significant breaches of Microsofts internal systems raise questions about the reliability of the software and services relied upon by many compa-nies and citizens.Indeed,it is an increasingly dangerous cyber world.The CrowdStrike configuration error on July

15、19 that led to widespread outages of Microsoft-based systems using CrowdStrikes Falcon product also highlighted the fact that global cyber disruptions can come from human error.Although it is widely assessed that CrowdStrike responded quickly to the error,many organizations across the globe were wit

16、hout access to critical systems for hours and in some cases days.There are many lessons to be learned from this event.The theme for this issue of Cybersecurity Quarterly is appropriate:Adapting for the Future.The articles selected for this issue address the changing threat environment as well as new

17、 tools and processes for addressing emerging cyber threats.James Globe,VP of Strategic Cybersecurity Capabilities at the Center for Internet Security(CIS),has provided a piece on the future of security operations(SecOps).Developed from the perspective of state,local,tribal,and territorial(SLTT)organ

18、izations,his piece discusses key trends shaping the future,including increased adoption and reliance on artificial intelligence and machine learning,zero trust architectures,multi-factor authentica-tion,and use of automation and orchestration to increase efficiency of addressing threats.Another arti

19、cle provides an update on a two-year initiative at CIS to examine the interconnection between cyber threats,information operations,and physical threats leveraging the internet.The recently published report,Enhancing Safety in a Connected World A National Framework for Action,identifies recommendatio

20、ns for dealing with this multidi-mensional world.Charity Otwell,Director of Critical Security Controls,has provided a piece on the recent update to CIS Critical Security Controls(CIS Controls)Version 8.1.She discusses the changes made in the update,touching on some of the supporting guides,mappings,

21、and tools in the Controls ecosystem that have been updated.Adam Ford,former CISO of Illinois and now CTO for SLED at our CIS CyberMarket vendor partner Zscaler,submitted an article on the increasing importance of cybersecu-rity for protecting the integrity and functionality of law enforcement and pu

22、blic safety operations.Karen Sorady,VP of Multi-State Information Sharing and Analysis Center(MS-ISAC)Strategy and Plans,provides an update this month introducing the recently elected members of the MS-ISAC Executive Committee and their objectives for the upcoming year.Stephanie Gass,our Director of

23、 Governance,Risk,and Compliance(GRC),uses her column this month to discuss key trends affecting the future of GRC.I hope you enjoy this quarters issue.Have a great fall season!Best Regards,John M.Gilligan President&Chief Executive Officer Center for Internet Security“Attacks have become so frequent

24、that we have come to accept them as a part of modern life.Indeed,it is an increasingly dangerous cyber world.2Cybersecurity QuarterlyNewsBits&BytesCIS CyberMarket Launches New VendorsCIS CyberMarket has added two new vendors:NetAlly and Invary.NetAllys CyberScope aids secu-rity teams in fortifying t

25、heir cybersecurity defenses with advanced edge network vulnerability scanning and validation of security controls.Invarys Runtime Integrity Service helps protect systems from advanced threats by verifying their integrity at runtime.CIS CyberMarket is a market-place specifically designed to help conn

26、ect U.S.State,Local,Tribal,and Territorial(SLTT)government organizations with rigorously-vetted,cost-ef-fective cybersecurity solutions from industry-leading vendors.To view all of our current offerings,please visit the CIS CyberMarket webpage.New Salesforce Trailhead Course Released on Reasonable C

27、yber DefenseCIS works with Salesforce Trailhead to create free courses designed to help you implement the CIS Critical Security Controls(CIS Controls).We began by releasing an introductory course on how you can use Implementation Group 1(IG1)of the CIS Controls v8 to achieve essen-tial cyber hygiene

28、.Shortly thereafter,we announced a trail that explains how you can leverage the CIS Risk Assessment Method(RAM)to guide your Controls implementation plan.Were excited to unveil yet another course on Salesforce Trailhead,The Value of Security Controls,which guides users through the realistic costs of

29、 strengthening their cyber defense program.Ready to step up your organizations cyber defenses by developing a realistic plan so that you can implement the security controls and invest in the technologies you need most?Check out our new course on Salesforce Trailhead.CIS Publishes New Guide to Help P

30、arents Better Protect Their Childrens Online ActivityAs a parent,helping your chil-dren navigate the complexities of the digital world can be chal-lenging.Our new guide,From Both Sides:A Parents Guide to Protecting Your Childs Online Activity,is crafted to help parents and guardians under-stand thes

31、e risks,specifically the hazards of harmful online behaviors and scams targeting children.It also provides the essential tools to guide young surfers safely and explores real-life scenarios that illus-trate the common online pitfalls children may encounter.This guide,written by CIS CISO Sean Atkinso

32、n with his daughter,aims to equip parents with the tools to guide and support their own children,make their digital expe-riences positive and productive,and foster an environment where our children can safely learn,create,and connect.Nerdio Launches Integration of CIS Hardened Images Directly into I

33、ts ProductsNerdio,a premier solution for organizations of all sizes looking to manage and cost-optimize native Microsoft cloud tech-nologies,has formed a strategic partnership with CIS to simplify secure configuration and deployment by leveraging Nerdios platform.Nerdio has partnered with CIS to bec

34、ome one of the few providers integrating CIS Hardened Images directly into its products.This integration stream-lines compliance efforts and enhances cybersecurity postures without requiring extensive customization or manual configuration,specifically for CIS Hardened Images for Microsoft Windows 10

35、 and 11 available from the Azure Marketplace.To learn more about Nerdio and their new integration,please visit .Fall 20243CIS Critical Security Controls Version 8.1 ReleasedThe latest iteration of the CIS Controls represents the latest evolution in cybersecurity standards designed to help organizati

36、ons improve their cybersecurity posture and stay protected against todays cyber threats By Charity OtwellOn June 25,the Center for Internet Security(CIS)officially launched Version 8.1(v8.1)of the CIS Critical Security Controls(CIS Controls).CIS Controls v8.1 is an iter-ative update to version 8.0.T

37、he update addresses the increasing complexities and vulnerabilities in todays cyber landscape by incorporating new asset classes and introducing the Governance security function,high-lighting the commitment of the Center for Internet Security(CIS)to ensuring that organizations remain resilient again

38、st rapidly changing cyber threats.It offers prescriptive,prioritized,and simplified cybersecurity best practices that provide a clear path for you to improve your organizations cyber defense program.CIS Controls v8.1 features the following updates:Included new and expanded glossary definitions for r

39、eserved words used throughout the Controls(e.g.,plan,process,sensitive data)Revised asset classes alongside new mappings to CIS Safeguards Fixed minor typos in CIS Safeguard descriptions Added clarification to a few CIS Safeguard descriptions Realigned National Institute of Standards and Technology(

40、NIST)Cybersecurity Framework(CSF)security function mappings to match NIST CSF 2.0One key improvement to CIS Controls v8.1 mapping is the addition of the Governance security function intro-duced in the NIST CSF 2.0 released in 2024.Effective governance provides the structure needed to steer a cyberse

41、curity program toward achieving your enterprise goals.The Controls were designed to be comprehensive enough to protect and defend cybersecurity programs for any size enterprise while being prescriptive enough to ease implementation.With the update to CIS Controls v8.1,governance topics are now speci

42、fically identified as recommendations that can be implemented to enhance the governance of a cybersecurity program.The addition of the Governance security function will help Controls adopters better identify the policies,procedures,and processes necessary to support how an enter-prise can protect th

43、eir assets and equip them with the evidence needed to demonstrate industry compliance.Another major update to CIS Controls v8.1 is the addition of new asset classes to better match specific parts of an enterprises infrastructure to which each CIS Safeguard The update addresses the increasing complex

44、ities and vulnerabilities in todays cyber landscape by incorporating new asset classes and introducing the Governance security function,highlighting the commitment of the Center for Internet Security(CIS)to ensuring that organizations remain resilient against rapidly changing cyber threats.4Cybersec

45、urity Quarterlyapplies.All of these updates to the CIS Controls aim to help streamline the process of designing,implementing,measuring,and managing enterprise security.Ready to better identify the governing pieces of your cybersecurity program and obtain the evidence you need to demonstrate complian

46、ce?Download CIS Controls v8.1 today!Supporting Resources for CIS Controls v8.1Version 8.1 is an iterative update to CIS Controls v8 and minimizes disruption to Controls users.However,CIS Controls v8.1 is only the beginning of a larger refresh to the sphere of resources available to ease the imple-me

47、ntation of our security best practices.As we progress through 2024 and beyond,well continue to release updates to our supporting tools and resources for the CIS Controls.To date,our team has already released updates for the following resources to support the new recom-mendations contained in CIS Con

48、trols v8.1.Guides Industrial Control Systems(ICS)Guide While the CIS Controls address the general practices that most enterprises should take to secure their systems,some operational environments may present unique requirements not addressed by the CIS Controls.CIS has expanded its efforts to includ

49、e experts from the engineering Industrial Control Systems(ICS)and Operating Technology(OT)fields to provide the CIS Controls ICS Guide.Establishing Essential Cyber Hygiene Version 8.1 When tasked to implement a cybersecurity program,many enterprises ask“How do we get started?”Implementation Group 1(

50、IG1)is the group that is least costly/difficult to implement and are the Safeguards we assert that every enterprise should deploy.Applying all of the Safeguards listed in IG1 will help thwart general,non-targeted attacks and strengthen an enterprises security program.IG1 is the definition of essenti

51、al cyber hygiene and represents a minimum standard of information security for all enterprises.This guide will help orga-nizations establish essential cyber hygiene.Guide to Asset Classes:CIS Critical Security Controls v8.1 CIS simplified the language in v8.1 to provide enterprises guidance on how e

52、nterprise assets and software are organized in the CIS Controls and to help explain what we mean when we say things like“Establish and Maintain Detailed Enterprise Asset Inventory.”Adopters of the CIS Controls should use this guide as a reference during activities such as implementation or auditing

53、to verify that all in-scope assets are being accounted for and are secured.Tools CIS Controls Navigator Want to see how the CIS Critical Security Controls fit into your broader secu-rity program?Use our CIS Controls Navigator to explore how they map to other security standards.CIS Controls Assessmen

54、t Specification The purpose of the CIS Controls Assessment Specification is to provide a common understanding of what should be measured in order to verify that CIS Safeguards are properly implemented.The hope is that those developing related tools will then build these measures into their tools so

55、that the CIS Controls are measured in a uniform way.Version 8.1 is an iterative update to CIS Controls v8 and minimizes disruption to Controls users.However,CIS Controls v8.1 is only the beginning of a larger refresh to the sphere of resources available to ease the implementation of our security bes

56、t practices.Fall 20245 CIS Controls OSCAL Repository This contains OSCAL serializations of the CIS Controls and will include a variety of OSCAL Catalogs for the main CIS Controls Version 8.1 document,Controls Assessment Specification,and mapping documents available as XML and JSON files.CIS Controls

57、 Self Assessment Tool(CSAT)CIS CSAT helps enterprises assess,track,and prior-itize their implementation of the CIS Controls.This powerful tool can help organizations improve their cyber defense program regardless of size or resources.CIS CSAT can help enterprises identify where CIS Controls Safeguar

58、ds are already well-im-plemented and where there are weak points that could be improved.This can be useful information as enterprises decide where to devote their limited cybersecurity resources.Mappings U.S.Department of Health and Human Services(HHS)Healthcare and Public Health Sector-Specific Cyb

59、ersecurity Performance Goals(HPH CPGs)Cloud Security Alliance(CSA)Cloud Controls Matrix(CCM)v4 Payment Card Industry Data Security Standard(PCI DSS)v4.0 New York Department of Financial Services(NYDFS)23 NYCRR Part 500(2nd Amendment 2023)NIST SP 800-53 Rev 5,including moderate and low baselines ISO(

60、the International Organization for Standardization)and IEC(the International Electrotechnical Commission)27001:2022 DOD Cybersecurity Maturity Model Certification(CMMC)2.0 Cross-Sector Cybersecurity Performance Goals(CPGs)v1.0.1 of the U.S.Cybersecurity Infrastructure and Security Agency(CISA)Nation

61、al Institute of Standards and Technology(NIST)Special Publication(SP)800-171 Rev 2,Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations National Institute of Standards and Technology(NIST)Cybersecurity Framework(CSF)2.0Charity Otwell is the Director of the CIS Criti

62、cal Security Controls for CIS.She has nearly 20 years of experience in the financial services industry and has built and led various programs such as Business Continuity,Disaster Recovery,Technology Governance,and Enterprise Architecture in a highly regulated environment.Before coming to CIS,Otwell

63、was a GRC champion and practitioner with a focus on risk assessment,process optimization,process engineering,and best practice adoption for a top-50 bank within the United States.She also helped manage the relationship with federal regulators and the management of federal regulatory exams.She comple

64、ted undergraduate and graduate studies in Birmingham,Alabama,and holds multiple industry certifications.6Cybersecurity QuarterlyThe Critical Importance of Cybersecurity for Law Enforcement and Public SafetyLike most things in modern society,technological advances have heavily affected how law enforc

65、ement and public security operations deliver critical services,and,as such,require effective cybersecurity defenses to ensure public safety By Adam FordIn todays digital age,cybersecurity has become a cornerstone for protecting the integrity and functionality of law enforcement and public safety ope

66、rations.These entities rely on a vast array of interconnected technolo-gies and data systems to deliver their essential services.However,this reliance also makes them vulnerable to cyber threats that can compromise sensitive information,disrupt operations,and ultimately endanger public safety.The in

67、tegration of robust cybersecurity measures is crucial for several reasons:safeguarding sensitive data,ensuring the uninterrupted operation of critical appli-cations,and maintaining compliance with regulatory standards.Among the myriad challenges faced by public safety agencies,secure remote access s

68、tands out as a significant concern.Here,we delve into the seven chal-lenges associated with public safety remote access and explore how modern solutions like zero trust architecture(ZTA)can address them.1.Poor Connectivity in Low-Bandwidth AreasPublic safety personnel,such as police officers,often o

69、perate in areas with limited connectivity.Traditional VPN solutions,with their high overhead,exacerbate performance issues in these low-bandwidth environ-ments,leading to degraded user experience and reduced productivity.For instance,an officer needing to access critical information during a patrol

70、in a rural area may encounter significant delays,potentially compromising their ability to respond effectively to a situation.2.Dropped Connections While Switching NetworksA common issue with many VPNs is the need for reau-thentication when users switch between networks,causing interruptions that ca

71、n be detrimental during Law enforcement and public safety operations.rely on a vast array of interconnected technologies and data systems to deliver their essential services.However,this reliance also makes them vulnerable to cyber threats that can compromise sensitive information,disrupt operations

72、,and ultimately endanger public safety.Fall 20247critical operations.Imagine a scenario where an emer-gency responder moves from a vehicles mobile network to a local Wi-Fi network at a scene.The interruption could delay access to vital information,impacting their ability to make timely decisions.3.S

73、low,Resource-Intensive Data UploadsPublic safety users frequently need to upload large data files,such as body camera footage,to on-premises resources.VPN-related delays can force users to return to headquarters to complete these uploads,hindering timely data processing and automation.This logis-tic

74、al hurdle not only consumes valuable time but also delays the availability of crucial evidence for ongoing investigations.4.Maintaining Compliance with Regulatory BodiesPublic safety agencies manage highly sensitive data and must adhere to stringent regulations.Ensuring compli-ance with various stan

75、dards is a significant challenge.Violations can result in severe penalties and undermine public trust.Robust cybersecurity measures are essen-tial to protect personally identifiable information(PII),criminal justice information(CJI),and other sensitive data from unauthorized access and breaches.5.Co

76、st and Effort of Migrating to Cloud-Based ResourcesThe transition from on-premises to cloud-based appli-cations is a costly and complex process,often spanning multiple years.Additionally,the expense of main-taining secure remote access infrastructure,like Virtual Desktop Infrastructure(VDI),continue

77、s to rise.Agencies must balance the need for modernization with budget constraints,making it imperative to choose cost-effective and scalable cybersecurity solutions.6.Limited Security and VisibilityWhen public safety personnel operate off premises,network administrators often lose visibility and co

78、ntrol over their activities,exposing users and data to poten-tial cyber threats and technical issues.Without adequate monitoring and control,detecting and mitigating threats becomes challenging,increasing the risk of data breaches and other cyber incidents.7.Consistent Policy EnforcementLaw enforcem

79、ent personnel require access to various online resources for investigations,but enforcing segmented web filtering policies can be challenging for administrators.Ensuring that officers can access necessary information while blocking potentially harmful or non-compliant content requires a nuanced appr

80、oach to policy enforcement.Zero Trust Architecture:Addressing Critical ChallengesZTA offers a transformative approach to addressing the cybersecurity challenges faced by public safety agencies.By implementing ZTA,agencies can significantly improve connectivity in low-bandwidth areas,as ZTA solutions

81、 are designed to minimize overhead and optimize perfor-mance.This ensures that officers in remote locations can access critical information without delays.ZTA also eliminates the need for reauthentication when switching networks,providing seamless access and reducing interruptions during operations.

82、Furthermore,ZTA facilitates faster,more efficient data uploads by leveraging direct-to-cloud connections,allowing offi-cers to upload large files without the need to return to headquarters.Compliance with regulatory standards is simplified through ZTAs granular access controls and compre-hensive log

83、ging capabilities,ensuring data security and audit readiness.The migration to cloud-based resources becomes more manageable and cost-effec-tive,as ZTA supports hybrid environments and reduces the dependency on expensive on-premises infrastructure.Enhanced security and visibility are achieved through

84、 continuous monitoring and risk assessment,giving network administrators greater control over off-prem-ises activities.Finally,consistent policy enforcement is maintained through ZTAs dynamic policy engine,which adapts to user behavior and context,ensuring that officers have 8Cybersecurity Quarterly

85、access to the necessary resources while maintaining strict security protocols.ConclusionThe importance of cybersecurity in law enforcement and public safety cannot be overstated.These sectors are increasingly relying on digital tools and remote access,making the challenges associated with traditiona

86、l VPN solutions more pronounced.As the digital landscape continues to evolve,the need for robust cybersecurity measures becomes evermore critical.Law enforcement and public safety agencies must prioritize cybersecurity to protect sensitive data,ensure uninterrupted operations,and maintain public tru

87、st.By leveraging advanced solutions like ZTA,these agencies can navigate the complexities of modern tech-nology and uphold their vital role in society.Investing in cybersecurity is not just a technological imperative but a fundamental component of public safety and service.Zscalers zero trust approa

88、ch offers a modern,efficient,and secure alternative that addresses these challenges head on.By adopting modern cybersecurity solutions,public safety agencies can ensure that their personnel have reliable and secure access to critical applica-tions and data regardless of their location.This not only

89、enhances operational efficiency but also fortifies the defense against cyber threats,ultimately safeguarding the public and maintaining trust in law enforcement and public safety operations.For more information on how Zscaler is helping law enforcement and public safety organizations,please email us

90、 at z-zscaler-.With over 20 years of experience,Adam Ford has dedicated his career to ensuring that information systems and data are protected and available to meet the unique needs of government organizations.Currently serving as the Chief Technology Office for State&Local Government and Education

91、at Zscaler,a leading cybersecurity company,Ford plays a crucial role in helping state and local government organizations securely transform their systems.As a respected leader in the public sector market,his expertise and guidance are instrumental in ensuring that the systems that keep government ru

92、nning are not only efficient but also protected from cyber threats.Prior to Zscaler,Ford served as Chief Information Security Officer for the State of Illinois.In this role,he had respon-sibility for cybersecurity for various agencies,boards,and commissions under the Governor.During his tenure,the S

93、tate of Illinois modernized and grew its security practice to protect systems and data that drive critical services to Illinois residents.In addition to serving state agencies,Ford oversaw state and local security partnership and collaboration efforts including operation of the Illinois Election Cyb

94、er Navigator program in coordination with the Illinois State Board of Elections and the Illinois State Police.He joined the Office of the CISO as Security Engineering Manager in 2017 and also served as Deputy CISO prior to becoming CISO.Before coming to security,Ford spent more than 15 years in data

95、 center and wide area network engineering and architecture roles with the Illinois Department of Innovation and Technology and the Illinois State Police.As the digital landscape continues to evolve,the need for robust cybersecurity measures becomes evermore critical.Law enforcement and public safety

96、 agencies must prioritize cybersecurity to protect sensitive data,ensure uninterrupted operations,and maintain public trust.Ad PlacementEliminate your attack surface.Discover the beneets of the one true zero trust architecture.Find out How 2023 Zscaler,Inc.All rights reserved.Zscaler and other trade

97、marks listed at are either(i)registered trademarks or service marks or(ii)trademarks or service marks of Zscaler,Inc.in the United States and/or other countries.Any other trademarks are the properties of their respective owners.10Cybersecurity QuarterlyHow to Deter Multidimensional Threats in the Co

98、nnected WorldAs threat actors take advantage of the connected world,we must work together to confront multidimensional threats.Our new national framework outlines how we can get started to improve our resilience and respond to this threat environmentBy John D.CohenMalicious actors involved in gang v

99、iolence,drug traf-ficking,human smuggling,terrorist recruitment,foreign influence operations,and other activity have dramatically changed their methods of operation to take advantage of new and developing technical capabilities.This changing threat landscape makes it increasingly difficult for law e

100、nforcement,targeted communities,and the United States as a nation to respond.Exploitation of the cyber domain almost always has a harmful impact on the physical world.This takes various forms,such as ransomware groups who identify their unpaying victims on their websites and human smug-glers who use

101、 social media to facilitate illicit mass migratory movements.However,malicious actors arent just exploiting the connected world.In some respects,theyre leveraging the connected world to undermine confidence in key institutions in our society,and its having an impact.Two years ago,we set out to bette

102、r understand how threat actors are taking advantage of the online world to grow their criminal enterprises,encourage violent acts,and harm U.S.national security.To identify successes and gaps in tackling these issues,we evaluated find-ings about the multidimensional threat environment and the curren

103、t methods used by law enforcement and secu-rity officials to counter the threat.In this blog post,well review the findings we published in our white paper,Enhancing Cyber Safety in the Connected World A National Framework for Action.A Snapshot of an Evolving Threat LandscapeGlobally,there has been a

104、“massive increase”in ransom-ware attacks,with U.S.entities most heavily targeted,as Director of National Intelligence Avril Haines testified in May 2024.He specifically noted how attacks against the healthcare sector roughly doubled from 2022 to 2023.Additionally,Haines highlighted cyber actors ongo

105、ing attempts to attack U.S.industrial control systems,which are used in many critical sectors,like water,food,agricul-ture,defense,energy,and transportation.At the same time,U.S.elections remain a prime target for foreign adversaries,particularly China,Russia,and Iran.Actors from these countries aim

106、 to exploit divisions in U.S.society and undermine confidence in democratic institutions,according to a joint warning from the top U.S.security agencies issued in April 2024.“Nation-state adversaries use information operations and cyber intrusions hand-in-hand to further foreign malign influence goa

107、ls,”explained the Cybersecurity and Infrastructure Security Agency(CISA),Federal Bureau of Exploitation of the cyber domain almost always has a harmful impact on the physical world.However,malicious actors arent just exploiting the connected world.In some respects,theyre leveraging the connected wor

108、ld to undermine confidence in key institutions in our society,and its having an impact.Fall 202411Investigation(FBI),and Office of the Director of National Intelligence(ODNI)in their advisory.All of these issues are exacerbated by the rise in the availability of generative artificial intelligence(Ge

109、nAI).Malicious actors with less technical skills are using arti-ficial intelligence to guide and improve aspects of their hacking operations,then-NSA director of cybersecurity Rob Joyce said at a conference at Fordham University.“We already see criminal and nation state elements utilizing AI.Theyre

110、all subscribed to the big name companies that you would expect all the generative AI models out there,”he said,as quoted by TechCrunch.Four Pillars of a National ResponseThrough proof-of-concept initiatives,we found that rapid detection of emerging threats and evolving trends,along with speedy infor

111、mation sharing,is essential for U.S.federal,state,and local officials responsible for violence prevention,national security,and criminal inves-tigations.Along those same lines,we determined that efforts centered around empowering local communi-ties are critical in managing and responding to new and

112、emerging threats.The result of our efforts is a National Framework for Action developed with input from community groups and partner organizations.This Framework outlines four pillars to confront the problem.Pillar 1:Improve Analysis on Emerging ThreatsPillar 1 emphasizes the importance of establish

113、ing a national,non-government,analytic clearinghouse infra-structure that serves as a repository for multi-source information and issues watches,warnings,forecasts,and analyses of hazardous cyber and online activity.The purpose of this information is to prevent or mitigate the effects of malicious b

114、ehavior by multidimensional threat actors.The objectives for Pillar 1 include the following:Foster private-public partnerships to better under-stand how criminals,foreign adversaries,and terrorists use the internet to achieve their opera-tional objectives Focus on acquiring information that improves

115、 the efficacy of investigative and crime prevention efforts Educate U.S.state and local law enforcement personnel,civil society organizations,and policy-makers regarding the use of social media and other internet-based technologies to inspire,facilitate,and inform illegal and often violent activitie

116、s by foreign and domestic threat actorsPillar 2:Enhance Information SharingTo better detect and respond to emerging threats,Pillar 2 calls for enhancing the United States information-sharing capabilities.Pillar 2 necessitates the creation of a national information sharing platform that fulfills thre

117、e key objectives.First,it improves geographic mapping of threat-related incidents.Second,it allows for sharing of information regarding emerging threats and active incidents.Third,it inte-grates information gathering and sharing efforts by U.S.State,Local,Tribal,and Territorial(SLTT)law enforce-ment

118、 and non-government entities to better detect emerging threats.Pillar 3:Educate and EmpowerIn support of Pillar 3,we as a community must build public-private partnerships to expand awareness of the new threat landscape as well as develop and imple-ment initiatives that increase communities resilienc

119、e to contemporary threats.Pillar 3 requires organized and expanded efforts to build local resilience among communities targeted by threat actors.These initiatives must include bridging the gap between the national security community,civil society and philanthropic organizations,and local governments

120、 to ensure that everyone understands the threat environ-ment has changed,that federal and state governments cannot address the new threat alone,and that civil society,philanthropic organizations,and local govern-ments must collectively help meet this new challenge.“Nation-state adversaries use infor

121、mation operations and cyber intrusions hand-in-hand to further foreign malign influence goals,”explained the Cybersecurity and Infrastructure Security Agency(CISA),Federal Bureau of Investigation(FBI),and Office of the Director of National Intelligence(ODNI)in their advisory.12Cybersecurity Quarterl

122、yPillar 4:ProtectFinally,the National Framework for Action highlights the need to support efforts by local communities to prevent acts of violence and other criminal activity inspired,facili-tated,and informed by online activity.Any national effort to address the evolving threat envi-ronment should

123、include establishing a consistent level of capability across the United States for local communi-ties to detect,evaluate,and manage the risk of violence or other illegal activity by those individuals who are influ-enced by malicious online content.This can be achieved by supporting local efforts to

124、conduct threat/behavioral risk assessments and deploy multi-disciplinary threat management strategies.A Call to Action for a Whole-of-Society ApproachTo make the connected world a safer place for people,businesses,and governments,we must work together to address multidimensional threats with adaptab

125、ility and nationwide coordination.An effective response should involve government,academia,community groups,faith-based organizations,businesses,and other entities,each of which has a key role in preventing acts of violence and other illegal activity.Additionally,a concerted effort addressing the in

126、creasing use of advanced computing like AI by foreign and domestic threat actors as they engage in cyber,physical,and information operations will prepare society to counter these threats in the future.This National Framework is a call to action that,if imple-mented,will support a whole-of-society ef

127、fort to address this complex,volatile,and evolving threat landscape.Ready to play your part?Download our new white paper,Enhancing Safety in the Connected World A National Framework for Action,to explore and learn how these four pillars bolster the United States ability to respond to the changing th

128、reat environment,mitigate the impact of threat actor behavior,and build resilience among the nations communities.John D.Cohen serves as the Executive Director for the Program for Countering Hybrid Threats at the Center for Internet Security(CIS).In this role,he works closely with law enforcement,men

129、tal health,and civil society organizations across the nation to address issues relating to the impact of social media and the internet on crime,violence,community safety,and constitutional protections.Cohen has four decades of experience in law enforce-ment,counter-intelligence,and homeland security

130、.Prior to CIS,he served as the Assistant Secretary for Counter-terrorism and Law Enforcement Policy,Coordinator for Counterterrorism and the Senior Official Performing the Duties of the Under Secretary of Intelligence and Analysis at the United States Department of Homeland Security(DHS).During the

131、Obama Administration he served as the Acting Under-Secretary for Intelligence and Analysis(I&A)and Counterterrorism Coordinator for DHS.During his time at DHS,Cohen was a direct adviser to the Secretary and oversaw the development and implementation of a number of high visibility Department-wide cri

132、me preven-tion,counterterrorism,counter-intelligence and border and transportation security initiatives.Prior to his career at DHS,Cohen served as a senior policy advisor to a number of federal,state,and local offi-cials,including as Senior Advisor to the Program Manager for the Information Sharing

133、Environment,Office of the Director of National Intelligence for the Administration of George W.Bush,Senior Homeland Security Policy Advisor to Governor Mitt Romney of the Commonwealth of Massachusetts and Janet Napolitano,Governor of the State of Arizona.He has received numerous industry awards and

134、recogni-tion,including by the National Journal as one of the“100 Key People in Homeland Security”and“Law Enforcement Person of the Year”by Law Enforcement News for his work in developing and establishing a national non-emer-gency number,3-1-1.Cohen is also an Adjunct Professor at the Georgetown Univ

135、ersity Security Studies Program and has served as an on-air expert for ABC News on homeland security,terrorism,counter-intelligence,and law enforce-ment issues.Ad PlacementSubscribeWeekly reports and in-depth analysis focusing on emerging threats to help you stay aware and stay protected.14Cybersecu

136、rity QuarterlyThe Future of Security Operations in SLTT OrganizationsAs new advancements in technology continue to drive change in both state,local,tribal,and territorial(SLTT)organizations and threat actors out to compromise them,security operations must adapt to the evolving threat landscapeBy Jam

137、es GlobeSecurity operations(SecOps)within state,local,tribal,and territorial(SLTT)organizations is at a pivotal junc-ture as these organizations position their information technology(IT)infrastructure to deploy enterprise arti-ficial intelligent(AI)services.As digital transformation accelerates acro

138、ss governments,so does the sophisti-cation of cyber threats.The future of SecOps is a rapidly evolving landscape shaped by advanced technologies,evolving threats,and regulatory shifts in data protection.SLTT organizations must anticipate and adapt to these changes to ensure resilience and protect cr

139、itical infra-structure and sensitive information.This article explores the key trends that will shape the future of security oper-ations within SLTT organizations,from the rise of AI and machine learning(ML)to the importance of cybersecu-rity data governance and protection policies.1.Increased Relia

140、nce on AI and Machine LearningOne significant trend in the future of security operations is the increasing role of artificial intelligence and machine learning in threat detection and response.SLTT organi-zations,which often deal with vast amounts of sensitive data,are prime targets for cyber attack

141、s.Traditional SecOps strategies,which rely heavily on manual anal-ysis and reactive responses,struggle to keep up with the growing number of sophisticated threats.AI and ML can process large amounts of data in real time,identifying anomalies and potential threats much faster than human analysts.Thes

142、e technologies can also help identify potential risky staff activity that help with tailored security awareness training development and prioritize their defense-in-depth deployment strategy.As SLTT entities adopt more cloud-based systems,AI-powered cybersecurity tools will become essential in detec

143、ting malicious activities,monitoring network traffic,and analyzing security incidents.For example,AI can enhance terrestrial and virtual endpoint security by detecting patterns that indicate malware or unauthorized access attempts.ML algorithms can help refine threat intelligence over time,reducing

144、false-positive alerts and making future predictions more accurate.As AI continues to evolve,its application in automation and orchestration within security operations will drive more proactive,efficient,and scalable SecOps solutions in SLTT organizations.2.Multi-Factor Authentication and Zero Trust

145、Architecture Becomes the StandardThe shift towards zero trust security models will also shape the future of SecOps in SLTT organizations.Traditionally,security protocols have relied on perim-eter defenses assuming that threats originate outside The future of SecOps is a rapidly evolving landscape sh

146、aped by advanced technologies,evolving threats,and regulatory shifts in data protection.SLTT organizations must anticipate and adapt to these changes to ensure resilience and protect critical infrastructure and sensitive information.Fall 202415the network.As organizations deploy more cloud-based ser

147、vices,data becomes more distributed,and employees increasingly work remotely,these traditional security models become ineffective.SLTT organizations,respon-sible for protecting critical infrastructure and sensitive citizen data,must rethink their security strategies.Zero trust architecture assumes t

148、hat no entity internal or external can be trusted by default.Every user,device,and application must be continuously authenti-cated before accessing sensitive information.Multi-factor authentication(MFA)relies on something you know,something you have,and increasingly something you are(biometrics).MFA

149、 combined with a zero trust architec-ture significantly reduces the attack surface,especially in decentralized environments where employees use multiple devices and access data remotely.The future of SecOps will see SLTT organizations continue to deploy MFA technology as well as embrace zero trust f

150、rameworks to prevent insider threats,managing access control more effectively.3.Automation and Orchestration for Enhanced EfficiencyAs cyber threats increase in volume and complexity,security teams are often overwhelmed by alerts and false positives.SLTT organizations face resource constraints and l

151、imited cybersecurity expertise,making it difficult to respond to every potential threat in real time.The future of SecOps will lean heavily on automation and orchestration to streamline secu-rity processes.Automation helps reduce the manual workload by handling routine tasks,such as patch manage-men

152、t,log analysis,and alert triaging.Orchestration ensures that various security tools and processes work together cohesively,creating a more unified and effi-cient security ecosystem.For example,automated response systems can block malicious IP addresses,quarantine infected endpoints,and reset comprom

153、ised credentials without human intervention.Automation will be crucial for scaling cybersecurity operations to handle growing digital footprints without overburdening security teams.Automation tools can provide continuous monitoring and real-time threat responses,which are critical in a sector where

154、 down-time or breaches could lead to significant public safety and trust concerns.4.Increased Focus on Cybersecurity Workforce DevelopmentWhile technology plays a central role in the future of SecOps,skilled labor remains central.The global shortage of cybersecurity professionals has left SLTT organ

155、izations particularly vulnerable.A lack of trained personnel can lead to slower response times,missed vulnerabilities,as well as unpatched systems and inade-quate enforcement of cybersecurity policies.To address this,SLTT organizations must prioritize cyber-security workforce development.This includ

156、es training current staff in advanced cybersecurity practices,offering specialized certifications,and attracting new talent and reskilling or upskilling existing staff to fill critical security roles.States and local government agencies may need to invest in programs that encourage more professional

157、s to enter the cybersecurity field,such as scholarships,apprenticeships,and public-private partnerships.In the future,we are likely to see increased collabo-ration between government agencies,educational institutions,and private sector organizations to close the cybersecurity skills gap.By building

158、a robust and capable cybersecurity workforce,SLTT organizations can strengthen their security posture and respond more effectively to emerging threats.While technology plays a central role in the future of SecOps,skilled labor remains central.The global shortage of cybersecurity professionals has le

159、ft SLTT organizations particularly vulnerable.16Cybersecurity Quarterly5.Regulatory and Compliance ChallengesThe public sector operates within strict regulatory frame-works designed to protect citizen data and national infrastructure.As cyber threats evolve,so do the data protection regulations gove

160、rning cybersecurity practices.SLTT organizations must stay ahead of these regulatory changes to ensure compliance and avoid penalties.Future SecOps will need to adapt to evolving data protection laws,such as the General Data Protection Regulation(GDPR)in Europe and the National Institute of Standard

161、s and Technology(NIST)guidelines in the United States.As state governments and eventually the federal government introduce more stringent cyberse-curity policies,SLTT organizations will be required to implement advanced security measures and provide transparent reporting of their cybersecurity pract

162、ices.6.Collaboration and Information SharingCollaboration will be critical in the future of security oper-ations.SLTT organizations must work closely with private industry,law enforcement,and international partners to address the growing cyber threat landscape.Threat intel-ligence sharing and joint

163、cybersecurity initiatives can help mitigate risks and enable faster,more coordinated responses to cyber attacks.ConclusionThe future of SecOps in SLTT organizations is shaped by technological advancements,workforce development,and evolving regulatory landscapes.AI,MFA with zero trust architectures,a

164、utomation,and collaboration will play a crucial role in addressing the complex cybersecu-rity challenges that lie ahead.By embracing these trends,SLTT organizations can better protect their critical assets and maintain the trust of the citizens they serve.James Globe,CISSP,is the Vice President,Stra

165、tegic Advisor Cybersecurity Capabilities at the Center for Internet Security(CIS).Globe serves as the senior leader within Operations and Security Services(OSS)responsible for advising on strategic cybersecurity capabilities,cybersecurity workforce,data analytic analysis,frameworks,and emerging and

166、enabling technologies for use by U.S.SLTT members.He has more than 20 years in technology leadership,including extensive experience engineering signal intelli-gence mission systems,workflow management systems,financial and banking systems,modeling and simulation systems,and web-based information por

167、tals for top-tier banking and defense contracting organizations,including Bank of America,SAIC,BAE Systems,and L3 Harris Technologies.Globe earned a Bachelor of Science in computer science and mathematics from Georgia State University.He also holds a Master of Science from John Hopkins University in

168、 telecommunications and security engineering.Fall 202417A Governance,Risk,and Compliance(GRC)Perspective of the FutureBy Stephanie Gass,Director of Governance,Risk,and Compliance,CISThe governance,risk,and compli-ance(GRC)landscape in information security is rapidly evolving,presenting GRC leaders w

169、ith both new chal-lenges and opportunities.The role of Information Security Officers(ISOs)continues to expand to include privacy requirements,artificial intelli-gence governance,rolling out of zero trust models,and acting as a voice for the community through collaboration and awareness.Artificial In

170、telligenceThere are several key components organizations should consider when integrating artificial intelligence(AI)onto their operations.They should first consider governing the use of AI in both new and existing envi-ronments and identifying what data elements can be utilized.Secondly,they can le

171、verage AI to enhance existing processes,such as predicting and mitigating threats or aiding in audits and vulnerability management.Lastly,if rolling out AI-based products or services,it is crucial to communi-cate effectively with customers about the use of these technologies.Regulatory Landscape Wit

172、h the ongoing introduction of privacy regulations,new legislation and regulation specifically tailored to AI is also emerging.Frameworks like the EU AI Act and the National Institute of Standards and Technology(NIST)AI Risk Management Framework provide organizations with the guidance on how to main-

173、tain security while leveraging evolving technologies.Zero TrustAdopting zero trust models is a gradual process,but it is quickly becoming a priority for many organi-zations to ensure information security and assurance.By implementing zero trust security models into their network infrastructure and o

174、perational policies,organizations can better protect themselves from breaches and other cyber threats.CollaborationFor GRC professionals,fostering collaboration both within the organi-zation and with external partners is vital.Internally,collaboration drives growth and maintains alignment with strat

175、egic initiatives.Externally,partnerships with industry and governmental agencies help shape comprehensive information secu-rity strategies.Public AwarenessRaising public awareness is essential and closely linked to external collab-oration efforts.Public awareness campaigns and educational programs c

176、an help demystify technical aspects of information security and emphasize the importance of privacy to external stakeholders and customers.As we focus on the future,these are a few elements that organizations should be mindful of.Theres not a one size fits all approach,but rather we should look at t

177、he strategic initia-tives and overall risk appetite to understand where we can make the most impact.CybersideChatTheres not a one size fits all approach,but rather we should look at the strategic initiatives and overall risk appetite to understand where we can make the most impact.18Cybersecurity Qu

178、arterlyStrengthening Cybersecurity Leadership:The MS-ISAC Welcomes New Executive Committee MembersBy Karen Sorady,Vice President of Strategies and Plans,MS-ISACIn the ever-evolving world of cyberse-curity,strong leadership and diverse perspectives are crucial for protecting our nations digital infra

179、structure.The Multi-State Information Sharing and Analysis Center(MS-ISAC),a decades-strong cornerstone designed to strengthen cybersecurity in U.S.State,Local,Tribal,and Territorial(SLTT)government organizations,recently announced the addition of four distinguished professionals to the MS-ISAC Exec

180、utive Committee for the 20242027 term.A New Chapter in Cybersecurity GovernanceThe MS-ISAC Executive Committee plays a pivotal role in representing the interests and priorities of U.S.SLTT entities,with that input shaping the strategic direction for how the MS-ISAC continues to deliver value to memb

181、ers.These new members represent a cross-section of U.S.SLTT govern-ment entities,bringing diverse perspectives from county,K-12,and state levels.Their collective exper-tise will be instrumental in addressing the unique cybersecurity challenges faced by the different sectors repre-sented in the MS-IS

182、AC.Newly Elected MS-ISAC Executive Committee Members Jason Skeen,IT Security Manager,Mecklenburg County,North Carolina(County seat,20242027 term)Joshua Bauman,Director of Technology,Festus R-VI School District,Missouri(K-12 seat,20242027 term)Torry Crass,State Chief Risk Officer,North Carolina(State

183、 seat,20242027 term)Patrick Wright,Chief Information Security&Privacy Officer,State of Nebraska(State seat,20242027 term)Leadership Transition and ContinuityIn addition to welcoming new members,the MS-ISAC is pleased to announce a significant leader-ship transition.Terry Loftus,Assistant Superintend

184、ent&Chief Information Officer at the San Diego County Office of Education,California,will assume the role of Chair of the Executive Committee on October 1,2024.As a current Executive Committee Member in the K-12 seat,Loftus delivers ISACUpdateThe Executive Committee serves as the voice of the MS-ISA

185、Cs 17,000+member organizations,providing a conduit for every U.S.SLTT entity,regardless of size or resources,to have its voice heard and its interests represented to key external partners.Fall 202419continuity and a deep understanding of the MS-ISACs mission to this crucial leadership position.A Col

186、lective Voice for CybersecurityThe Executive Committee serves as the voice of the MS-ISACs 17,000+member organizations,providing a conduit for every U.S.SLTT entity,regardless of size or resources,to have its voice heard and its interests represented to key external partners,such as Congress,the Whi

187、te House,the Cybersecurity and Infrastructure Security Agency(CISA),and Sector Risk Management Agencies.A Community-Driven ApproachAt the heart of the MS-ISACs success is its community-driven model.The Executive Committee embodies this approach,serving as a bridge between the MS-ISAC membership base

188、 and its key part-ners,included the Center for Internet Security(CIS)and federal support agencies.This collaborative spirit extends beyond the committee,fostering a culture of information sharing and mutual support among all MS-ISAC members.A United Front Against Cyber ThreatsAs cyber threats contin

189、ue to evolve and grow in complexity,the collabo-ration fostered by the MS-ISAC and its Executive Committee remains vital.By electing representative leaders from various U.S.SLTT sectors,the MS-ISAC creates a powerful network of shared knowl-edge,best practices,and resources.The addition of new Execu

190、tive Committee members and the tran-sition in leadership mark an exciting chapter for the MS-ISAC.As we move forward,this new team will be at the tip of the spear,driving inno-vation,collaboration,and resilience in increasing cyber maturity across U.S.SLTT entities.The MS-ISACs commitment to empower

191、ing U.S.SLTT organiza-tions to better defend themselves against pervasive cyber threats is unwavering.Through its compre-hensive range of no-cost and cost-effective cybersecurity services and solutions,the MS-ISAC equips its members with the tools and expertise members have indicated they are most i

192、n need of to defend against cyber threats.Looking AheadAs we welcome our new Executive Committee members and prepare for the leadership transition,the MS-ISAC remains focused on its core mission:improving the cybersecurity posture of SLTT governments across the nation.The diverse expertise and fresh

193、 perspectives brought by the new members will undoubtedly contribute to the MS-ISAC more effectively meeting the needs of its members.The challenges ahead are significant,and with this Executive Committee and the continued dedication of the committee members,the MS-ISAC will continue the work of bet

194、ter protecting our nations SLTT digital infrastructure.We are also fortunate to have the continued support and leadership of our outgoing committee members,Gary Coverdale,Bhargav Vyas,and Arnold Kishi,to whom we are extremely grateful for their dedi-cated service.For SLTT organizations looking to bo

195、lster their cybersecurity defenses and join this collaborative community,MS-ISAC membership is avail-able at no cost.To learn more about becoming a member and accessing the valuable resources the MS-ISAC offers,visit https:/learn.cisecurity.org/ms-isac-registration.In this interconnected digital wor

196、ld,our strength lies in our unity.The MS-ISAC,guided by its Executive Committee,stands ready to face the cybersecurity challenges of both today and tomorrow,contributing to a safer digital future for U.S.SLTT organizations and the communi-ties they serve.As we move forward,this new team will be at t

197、he tip of the spear,driving innovation,collaboration,and resilience in increasing cyber maturity across U.S.SLTT entities.20Cybersecurity QuarterlyOctoberOctober 2 3The Harrisburg University of Science and Technology,in conjunction with the Commonwealth of Pennsylvania,County Commissioners Associati

198、on of Pennsylvania,and Central Susquehanna Intermediate Unit 16,will host the 2024 Harrisburg University Cybersecurity Summit on its campus in Harrisburg,Pennsylvania.The event will bring together thought leaders,security experts from state and local government,federal agencies,K-12 school districts

199、,higher education,and technology pioneers from the private sector to engage in dynamic discussions,explore cutting-edge solutions,and forge partnerships that will empower them to protect our digital world.Multi-State Information Sharing and Analysis Center(MS-ISAC)Regional Engagement Manager Megan I

200、ncerto will lead a session on no-cost resources to defend against cyber attacks.Learn more at https:/summits.harrisburgu.edu/cybersecurity/.October 8The 2024 Tech Valley Cybersecurity Summit will take place at Rivers Casino and Resort in Schenectady,New York.The event will provide attendees with tai

201、lored insights from top industry thought leaders on navigating the cybersecurity landscape and addressing real-world challenges.CIS CISO Sean Atkinson will deliver the events opening keynote,discussing zero trust security and ransomware defense in the age of AI.Learn more at https:/ 9-11The New York

202、 State Local Government IT Directors Association(NYSLGITDA)will host the 2024 NYSLGITDA Fall Conference at the Watkins Glen Harbor Hotel in Watkins Glen,New York.The event will serve as a gathering point for Chief Information Officers(CIOs),IT Directors,and technicians representing local governments

203、 in New York State.With a focus on training,technology,and government,this conference will foster the exchange of crucial information and perspectives among professionals.The CIS Services team will be onsite,sharing our no-and low-cost cybersecurity resources for state and local governments.Learn mo

204、re at https:/nyslgitda.org/event/fall-2024-member/.October 10 The Connecticut Education Network(CEN)and Connecticut National Guard will host Cyber Nutmeg 2024 at the Hartford Marriott Downtown in Hartford,Connecticut.The event is intended for state,municipal,and educational leaders along with the IT

205、 and cybersecurity professionals who support them.It is designed to raise awareness of cybersecurity threats and recommended defenses for attendees to protect their organizations.MS-ISAC Regional Engagement Manager Elijah Cedeno will lead a session on reasonable cybersecurity,and Senior Elections Cy

206、ber Threat Intelligence Analyst Timothy Davis will lead a session on threats for the upcoming elections.Learn more at https:/ 10 11The Virginia Alliance for Secure Computing and Networking(VASCAN)will host the 2024 VASCAN Annual Conference at the William&Mary Alumni House in Williamsburg,Virginia.Th

207、e event will bring together IT and cybersecurity leaders and professionals from across the state to learn from industry experts,share their experiences and best practices,and foster growth across the VASCAN community.MS-ISAC Regional Engagement Manager Megan Incerto will lead a session on no-cost cy

208、bersecurity resources available to state and local governments.Learn more at https:/vascan.org/vascan-2024/.October 15GovTech will host the Louisiana Digital Government Summit at the Renaissance Baton Rouge in Baton Rouge,Louisiana.The event will bring together public sector technology and industry

209、leaders to connect on innovative approaches,get inspired,and discover new technologies.The Summit will include cybersecurity leaders from state and local government throughout Louisiana.MS-ISAC Regional Engagement Manager Heather Doxon will be part of a panel session on strategies for building a sta

210、te-wide cyber defense network.Learn more at https:/ 202421October 15 17The Utility Technology Association(UTA)will host the 2024 UTA IT Conference at the Embassy Suites by Hilton Huntsville in Huntsville,Alabama.The event will bring together IT leaders and professionals from the nations utilities to

211、gether to hear from industry experts,learn about the most pertinent technology and security topics for utilities,and network with peers.CIS Services Senior Account Executive Jeff Sparks will lead a session at the event on no-and low-cost cybersecurity services for public utilities.Learn more at http

212、s:/www.utilitytechnology.org/Events.October 16GovTech will host the Michigan Cyber Summit at the Suburban Collection Showplace in Novi,Michigan.The event will provide an opportunity for government technology professionals to learn about the latest efforts to defend against,respond to,and recover fro

213、m cybercriminals who wish to do harm.The Summit will include cybersecurity leaders from state and local government throughout Michigan.MS-ISAC Regional Engagement Manager Anthony Essmaker will be part of a panel session with StateRAMP and CISA on cybersecurity resources for state and local governmen

214、ts.Learn more at https:/ 18The Sixth Annual Houston Cybersecurity Summit will take place at The Westin Houston,Memorial City in Houston,Texas.It will bring together leaders and cybersecurity professionals to learn about the latest cyber threats.CIS Senior Cybersecurity Engineer Jen Jarose will lead

215、a panel session at the event on cloud security.Through our partnership,U.S.SLTT government entities can receive free admission.Contact the CIS CyberMarket team for more details.Learn more at https:/ 20 22The EdTech Leaders Alliance Conference will take place at the Nationwide Hotel and Conference Ce

216、nter in Lewis Center,Ohio.The event will bring together leaders and professionals from Ohio Association for Supervision and Curriculum Development(ASCD),the International Society for Technology in Education(ISTE),and the Ohio Chapter of the Consortium of School Networking(CoSN)to learn from and coll

217、aborate with leaders in EdTech from Ohio and beyond.The CIS Services team will be onsite,sharing our no-and low-cost cybersecurity resources for public schools.Learn more at https:/ 20 22The CGI Forum 2024 will take place at the Hyatt Regency St.Louis at the Arch in St.Louis,Missouri.The event is th

218、e premier networking and educational event for the CGI Advantage community.With numerous in-depth product sessions and networking opportunities,the Forum is the must-attend event for government professionals to share experiences and best practices with peers and experts in the field.CIS Senior Direc

219、tor of Cybersecurity Advisory Services Andy Hanks will be a panelist during a session on cybersecurity strategy and resilience.Learn more at https:/ 21 24The Missouri Research and Education Network(MOREnet)will host the 2024 MORENet Annual Conference at the Branson Convention Center in Branson,Misso

220、uri.The event will bring together K-12 and higher education leaders and professionals from around the state to learn from industry experts,network with peers,and discover new solutions in classroom technology,project-based learning,digital citizenship and accessibility,IT management,artificial intel

221、ligence,cybersecurity,and networking.MS-ISAC Regional Engagement Manager Anthony Essmaker will lead a session on no-cost cybersecurity resources for public K-12 schools and universities.Learn more at https:/ QuarterlyOctober 22The Inaugural Indianapolis Cybersecurity Summit will take place at the Hy

222、att Regency Indianapolis in Indianapolis,Indiana.It will bring together leaders and cybersecurity professionals to learn about the latest cyber threats.CIS Cybersecurity Engineer Randie Bejar will lead a panel session at the event on cloud security.Through our partnership,U.S.SLTT government entitie

223、s can receive free admission.Contact the CIS CyberMarket team for more details.Learn more at https:/ 23 25The Ohio Municipal League will host the 73rd Annual Ohio Municipal League Conference and Exhibit Show at the Renaissance Columbus Downtown Hotel in Columbus,Ohio.The event will bring together mu

224、nicipal leaders from across the state to learn from industry experts,engage in thought-provoking sessions,and network with peers.The CIS Services team will be on site,sharing our no-and low-cost cybersecurity resources for local governments.Learn more at https:/www.omlohio.org/240/Ohio-Municipal-Lea

225、gue-Annual-Conference.October 25The Eight Edition of the Silicon Valley Cybersecurity Summit will take place at the Santa Clara Marriott in Santa Clara,California.It will bring together leaders and cybersecurity professionals to learn about the latest cyber threats.CIS Cybersecurity Engineer Darren

226、Freidel will lead a panel session at the event on cloud security.Through our partnership,U.S.SLTT government entities can receive free admission.Contact the CIS CyberMarket team for more details.Learn more at https:/ 29The Eight Annual Boston Cybersecurity Summit will take place at the Sheraton Bost

227、on Hotel in Boston,Massachusetts.It will bring together leaders and cybersecurity professionals to learn about the latest cyber threats.CIS Senior Cybersecurity Engineer Eric Pinnell will lead a panel session at the event on cloud security.Through our partnership,U.S.SLTT government entities can rec

228、eive free admission.Contact the CIS CyberMarket team for more details.Learn more at https:/ 8The Critical Infrastructure Cybersecurity Summit will take place virtually.It will bring together leaders and cybersecurity professionals to learn about the latest cyber threats.Through our partnership,U.S.S

229、LTT government entities can receive free admission.Contact the CIS CyberMarket team for more details.Learn more at https:/ 13 16The National League of Cities(NLC)will host the NLC City Summit at the Tampa Convention Center in Tampa,Florida.While each city summit is a cant-miss event packed with the

230、latest trends and valuable connections,this years event will also be an incredible finale to a year-long celebration of NLCs 100 years of serving and strengthening cities,towns,and villages.Over 4,000 municipal leaders from across the United States will come together to learn the latest on trending

231、and emerging topics,get updates on the changing federal landscape,and network with their peers.Learn more at https:/citysummit.nlc.org/.November 15The 14th Edition of the New York Cybersecurity Summit will take place at the Sheraton New York Times Square.It will bring together leaders and cybersecur

232、ity professionals to learn about the latest cyber threats.Through our partnership,U.S.SLTT government entities can receive free admission.Contact the CIS CyberMarket team for more details.Learn more at https:/ 202423November 19 21The Public Technology Institute(PTI)will host its Government IT Leader

233、ship Summit&Symposium at the JW Marriott Mall of America in Bloomington,Minnesota.The GOVIT Leadership Summit,taking place on November 19,will bring together hundreds of local and state government IT executives and emerging leaders from across the country for a day filled with valuable information s

234、haring and conversations about current and future trends,challenges,and opportunities.The GOVIT Symposium,taking place on November 20 and 21,will include even more government technology professionals from diverse functional areas to learn and exchange ideas and solutions on a broad set of topics.Lea

235、rn more at https:/fusionlp.org/govit-2024/.November 19 22Microsoft Ignite will take place at the McCormick Place Convention Center in Chicago.Microsoft users from around the world will come together to discover solutions that will help modernize and manage their own intelligent apps,safeguard their

236、business and data,accelerate productivity,and connect with partners while growing their community.Attendees will participate in deep technical trainings,breakout sessions,partner interactions,and immersive learning experiences with the teams that build the products.The CIS team will be on the expo f

237、loor at Booth 424 sharing our resources for working securely in Microsoft environments.Learn more at https:/ 21The Ninth Annual Los Angeles Cybersecurity Summit will take place at the Fairmont Century Plaza in Los Angeles.It will bring together leaders and cybersecurity professionals to learn about

238、the latest cyber threats.CIS Cybersecurity Engineer Justin Brown will lead a panel session at the event on cybersecurity readiness.Through our partnership,U.S.SLTT government entities can receive free admission.Contact the CIS CyberMarket team for more details.Learn more at https:/ 2 6AWS re:Invent

239、will take place at multiple venues in Las Vegas.AWS users from around the globe will come together at AWSs premier learning event for five exciting days of keynotes,breakout sessions,chalk talks,interactive learning opportunities,and career-changing connections with AWS leaders,experts,and peers.Att

240、endees will walk away from the event stronger and more proficient in all areas of AWS technology,and better equipped to tackle their most ambitious goals in the cloud.The CIS team will be on the expo floor in the Venetian Expo at Booth 273 sharing our resources for working security in AWS environmen

241、ts.Learn more at https:/ 4GovTech will host the Hawaii Public Sector Cybersecurity Summit at the Prince Waikiki in Honolulu,Hawaii.The event will provide an opportunity for government technology professionals to learn about the latest efforts to defend against,respond to,and recover from cybercrimin

242、als who wish to do harm.The Summit will include cybersecurity leaders from state and local government throughout Hawaii.MS-ISAC Regional Engagement Manager Heather Doxon will be part of a panel session with CISA and the State of Hawaii on cybersecurity resources for state and local governments.Learn

243、 more at https:/ 6The Sixth Annual Scottsdale Cybersecurity Summit will take place at The Phoenician in Scottsdale,Arizona.It will bring together leaders and cybersecurity professionals to learn about the latest cyber threats.Through our partnership,U.S.SLTT government entities can receive free admi

244、ssion.Contact the CIS CyberMarket team for more details.Learn more at https:/ 12The Second Annual Jacksonville Cybersecurity Summit will take place at the Sawgrass Marriott Golf Resort and Spa in Ponte Vende Beach,Florida.It will bring together leaders and cybersecurity professionals to learn about

245、the latest cyber threats.Through our partnership,U.S.SLTT government entities can receive free admission.Contact the CIS CyberMarket team for more details.Learn more at https:/ in being a contributor?Please contact us:cybermarketcisecurity.orgwww.cisecurity.org 518.266.3460CIS CyberMarket cisecurity.org infocisecurity.org 518-266-3460 Center for Internet Security CISecurity TheCISecurity cisecurity CenterforIntSec