Jeffrey W. Brown’s Post

The 2024 Deloitte NASCIO Survey highlights significant cybersecurity challenges for state governments. State CISOs are facing increased responsibilities without dedicated budgets, putting critical data and services at risk. AI-enabled threats are a major concern, but GenAI adoption is on the rise, with many states already leveraging it for security and more planning to do so soon. Additionally, the number of CISOs with small cybersecurity teams has decreased, indicating stronger, more capable teams. The government's ability to deliver on its mission depends on data security. At Deloitte, we are committed to supporting our government clients with robust cybersecurity solutions to protect public data and ensure service continuity. Discover more insights from the survey here: https://lnkd.in/gbB2TfP2 Srini Subramanian, Meredith Ward #Cybersecurity #GovernmentServices #Deloitte #NASCIO #GenAI #DataSecurity #DeloitteInsights

At last week’s National Association of State Chief Information Officers (NASCIO) conference, my Deloitte colleagues released the biennial Deloitte-NASCIO Survey of state CISOs, which always has new and intriguing information. Of note, 71% of those surveyed find AI threats are “high” and 41% aren’t confident their teams can handle these new attacks. Perhaps as worrisome, more than one-third still do not have a dedicated cybersecurity budget. On the plus side, while staff is tough to find, many of these state CISOs have been able to increase the number of cyber-focused employees to defend against these risks.   More details on this survey can be found here: https://lnkd.in/eez8kbPN

Cybersecurity threats aren’t letting up, and a third of state CIOs say their dedicated cybersecurity budgets aren’t keeping up. That’s just one key finding from Deloitte’s biennial study our colleagues conducted with the National Association of State Chief Information Officers (NASCIO). Other findings? State CISOs report that cyberattacks continue to get more sophisticated, in part aided by artificial intelligence, and nearly half cite IT and cyber staffing as a top five challenge for them.    You can dig more into the survey here:  https://lnkd.in/g8t6-EeF

State CISOs are taking on bigger roles, with 98% now having formalized authority. Yet challenges like AI-driven threats and limited resources remain top of mind—underscoring the need for strategic solutions. As the Deloitte-NASCIO Cybersecurity Study states, “The continuing growth of CISOs’ roles in an increasingly dangerous threat environment emerged as a major theme.” Ostrich Cyber Risk empowers CISOs to make the most of their resources by identifying the biggest risks and most effective controls. With our tool, CISOs can prioritize what matters, justify budgets, and clearly communicate strategies to non-technical stakeholders. Read more here: https://lnkd.in/eJa2n9eh #CyberRisk #CyberRiskManagement #CISO

🥷 In the ever-expanding digital landscape, the threat of data #theft has become a pressing concern for businesses of all sizes. 📈 Large-scale data breaches, often resulting from #cyberattacks or insider threats, have become increasingly common. ❗And they are putting sensitive information at risk. 🧠 Our new blog article delves into the intricacies of data #protection, providing professionals with a strategic guide to safeguard their digital assets. 🤜 Explore 10 essential best practices that can illuminate a path for your business's top-notch #security: https://lnkd.in/dUwTWFxT #PRODAFTThreatIntelligence #BlogArticle #DataProtection #CybersecurityForBusinesses

🌐 2024: A Year of Cyber Chaos 🌐 As cyber threats reach unprecedented levels, with over 1 billion records compromised in just the first half of the year, it's clear that no industry is immune. From financial services to healthcare and retail, businesses are grappling with the harsh reality of digital vulnerabilities. But the question remains: Are we doing enough? With hackers becoming more sophisticated and insider threats on the rise, the time to act is now. Implementing robust security measures isn’t just a choice; it’s a necessity. This is where ISO/IEC 27001:2022 steps in—offering a comprehensive framework to safeguard your organization against the evolving landscape of cyber threats. At UNICERT, we help you navigate these challenges, ensuring that your business is compliant and resilient in the face of cyber chaos. By investing in ISO 27001, you're not only fortifying your digital defenses but also building trust with your clients and stakeholders. Secure your future with UNICERT. #ISO27001 #CyberSecurity #InformationSecurity #DataProtection #RiskManagement #DigitalTransformation #BusinessContinuity #UNICERT

(Part Two) ELEMENTS OF A SECURITY PLAN - Policies: A set of rules that reduces risk and protects information - Standards: References that inform how to set policies - Procedures: Step-by-step instructions to perform a specific security task Compliance: The process of adhering to internal standards and external regulations Regulations: Rules set by a government or other authority to control the way something is done NIST CSF (National Information Security Technology Cybersecurity Framework) -Has three main components CORE: A set of desired cybersecurity outcomes that help organizations customize their security plan. Like the following five below.  Identify, Protect, Detect, Respond, Recover TIERS: A way of measuring the sophistication of an organization's cybersecurity program. Tier 1 is the lowest score and tier 4 is the best score for this system. Level 1 - 4 PROFILES: Pre-made templates of the NIST CSF that are developed by a team of industry experts. They are used to help organizations develop a baseline for their cybersecurity plans, or as a way of comparing their current cybersecurity posture to a specific industry standard. ISC2 Studies: - Shifted too doing studies during my lunches at work, so about a good 30-40minutes each day. So far just covered general cybersecurity threat landscape and covered CIA triad.  - Got to knock out some studying yesterday and then today as well :) CyberWire (Feb 21, 2024) Headline:  Anchroing security for US ports CyberWire (Feb 22, 2024) Headline: AT&T outage leaves major cities offline CyberWire (Feb 23, 2024) Headline: Crackdown on privacy leads to a multi-million dollar fine CyberWire (Feb 24, 2024) Headline: Web host havoc: Unveiling the Manic Menagerie campaign. [Research Saturday] CyberWire (Feb 25, 2024) Headline: Encore: Chris Cochran: Rely on your strengths in areas of the unknown. [Engineering][Career Notes] CyberWire (Feb 26, 2024) Headline: LockBit reloaded: Unveiling the next chapter in cybercrime. CyberWire (Feb 27, 2024) Headline: Out with the old, in with the new. CybeWire (Feb 28, 2024) Headline: Protecting American data.   CyberWire (March 1, 2024) Headline: WhatsApp's legal triumph cracks the spyware vault

Our eighth biennial Deloitte-National Association of State Chief Information Officers (NASCIO) Cybersecurity Study reveals a cyber landscape roiled by fresh challenges, most notably the extensive advances in AI and gen AI. Some key findings of the report: 1) AI is bringing huge challenges--and opportunities--for CISOs 2) With the attack surface expanding, CISOs are center stage in managing new gen AI threats. 3) Nearly half the states report using Gen AI to improve security operations 4) Nearly half of the states have new CISOs since 2022. 5) Funding the exponentially increasing cyber threats remains a big issue for CISOs. "This level of funding is not enough to make a dent on the needs across the state,” one CISO told us. “It is off by an order of magnitude, at least if you include critical infrastructure such as drinking water and wastewater.” #cyber #CISOs #statecyber #cybersecurity #aicyber #genAIcyber Srini Subramanian Michael Wyatt John O'Leary Sushumna Agarwal Joseph Mariani Matt Gentile Meredith Ward Doug Robinson Jim Weaver Amanda Crawford Stephanie Dedmon, PMP, MBA Tracy Barnes, MSL Alex Whitaker Emily Mossburg Mandi Cohen Mark Nace Timothy Li Read more here: https://lnkd.in/ejvEFaHJ

Take a look at the evolving challenges highlighted in our eighth biennial Deloitte-National Association of State Chief Information Officers (NASCIO) Cybersecurity Study!