Adapting for the Future
In order to stay one step ahead of cyber threat actors and effectively defend their critical assets against cyber attacks, organizations need to be prepared to change with the times and foresee the next cybersecurity challenges approaching on the horizon
The Latest Evolution in Cybersecurity
Best Practices with CIS Critical Security Controls Version 8.1
Defending Against Threat Actors in the Increasingly Intertwined Cyber and Physical Domains
Key Trends Shaping the Future of Security Operations
Tackling the Unique Cybersecurity Challenges Facing Law Enforcement and Public Safety Organizations
Ad Placement
Active defense against cybersecurity threats
Cybersecurity Quarterly is published and distributed in March, June, September, and December. Founded MMXVII.
Published by Center for Internet Security, 31 Tech Valley Drive, East Greenbush, New York 12061
For questions or information concerning this publication, contact CIS at info@cisecurity. org or call 518.266.3460
© 2024 Center for Internet Security. All rights reserved.
Editor-in-Chief
Michael Mineconzo
Supervising Editor
Laura MacGregor
Copy Editors
Aaron Perkins
David Bisson
Autum Pylant
John Cohen
Stephanie Gass
James Globe
Charity Otwell
Aaron Perkins
Karen Sorady
www.sans.org/partnerships/sltt
QuarterlyUpdate with John Gilligan
“Attacks have become so frequent that we have come to accept them as a part of modern life... Indeed, it is an increasingly dangerous cyber world."
This past summer, we saw a continued increase in cyber attacks — ransomware, data exfiltration, denial of service — leading to service disruptions as well as loss of intellectual property and personal information. In fact, these attacks have become so frequent that we have come to accept them as a part of modern life. What is being masked, however, is the growing threat from foreign governments who are systematically working to undermine confidence in our government, our leaders, and our election processes, often using a combination of cyber and misinformation or disinformation attacks delivered through social media. Public reporting by the intelligence agencies and the FBI have also highlighted increasing efforts by foreign governments to compromise our critical infrastructure, opening the United States up to a “Pearl Harbor” attack at the time of our adversaries' choosing. Reports of significant breaches of Microsoft's internal systems raise questions about the reliability of the software and services relied upon by many companies and citizens. Indeed, it is an increasingly dangerous cyber world.
The CrowdStrike configuration error on July 19 that led to widespread outages of Microsoft-based systems using CrowdStrike’s Falcon product also highlighted the fact that global cyber disruptions can come from human error. Although it is widely assessed that CrowdStrike responded quickly to the error, many organizations across the globe were without access to critical systems for hours and in some cases days. There are many lessons to be learned from this event.
The theme for this issue of Cybersecurity Quarterly is appropriate: ‘Adapting for the Future.’ The articles selected for this issue address the changing threat environment as well as new tools and processes for addressing emerging cyber threats.
James Globe, VP of Strategic Cybersecurity Capabilities at the Center for Internet Security® (CIS®), has provided a piece on the future of security operations (SecOps). Developed from the perspective of state, local, tribal, and territorial (SLTT) organizations, his piece discusses key trends shaping the future, including increased adoption
and reliance on artificial intelligence and machine learning, zero trust architectures, multi-factor authentication, and use of automation and orchestration to increase efficiency of addressing threats. Another article provides an update on a two-year initiative at CIS to examine the interconnection between cyber threats, information operations, and physical threats leveraging the internet. The recently published report, Enhancing Safety in a Connected World — A National Framework for Action, identifies recommendations for dealing with this multidimensional world.
Charity Otwell, Director of Critical Security Controls, has provided a piece on the recent update to CIS Critical Security Controls® (CIS Controls®) Version 8.1. She discusses the changes made in the update, touching on some of the supporting guides, mappings, and tools in the Controls ecosystem that have been updated. Adam Ford, former CISO of Illinois and now CTO for SLED at our CIS CyberMarket® vendor partner Zscaler, submitted an article on the increasing importance of cybersecurity for protecting the integrity and functionality of law enforcement and public safety operations.
Karen Sorady, VP of Multi-State Information Sharing and Analysis Center® (MS-ISAC®) Strategy and Plans, provides an update this month introducing the recently elected members of the MS-ISAC Executive Committee and their objectives for the upcoming year. Stephanie Gass, our Director of Governance, Risk, and Compliance (GRC), uses her column this month to discuss key trends affecting the future of GRC.
I hope you enjoy this quarter’s issue. Have a great fall season!
Best Regards,
John M. Gilligan President & Chief Executive Officer Center for Internet Security
NewsBits&Bytes
Nerdio Launches Integration of CIS Hardened Images® Directly into Its Products
Nerdio, a premier solution for organizations of all sizes looking to manage and cost-optimize native Microsoft cloud technologies, has formed a strategic partnership with CIS to simplify secure configuration and deployment by leveraging Nerdio's platform. Nerdio has partnered with CIS to become one of the few providers integrating CIS Hardened Images directly into its products. This integration streamlines compliance efforts and enhances cybersecurity postures without requiring extensive customization or manual configuration, specifically for CIS Hardened Images for Microsoft Windows 10 and 11 available from the Azure Marketplace. To learn more about Nerdio and their new integration, please visit www.getnerdio.com.
New Salesforce Trailhead Course Released on Reasonable Cyber Defense
CIS works with Salesforce Trailhead to create free courses designed to help you implement the CIS Critical Security Controls® (CIS Controls®). We began by releasing an introductory course on how you can use Implementation Group 1 (IG1) of the CIS Controls v8 to achieve essential cyber hygiene. Shortly thereafter, we announced a trail that explains how you can leverage the CIS Risk Assessment Method (RAM) to guide your Controls implementation plan. We're excited to unveil yet another course on Salesforce Trailhead, "The Value of Security Controls," which guides users through the realistic costs of strengthening their cyber defense program. Ready to step up your organization's cyber defenses by developing a realistic plan so that you can implement the security controls and invest in the technologies you need most? Check out our new course on Salesforce Trailhead.
CIS CyberMarket® Launches New Vendors
CIS CyberMarket has added two new vendors: NetAlly and Invary. NetAlly's CyberScope® aids security teams in fortifying their cybersecurity defenses with advanced edge network vulnerability scanning and validation of security controls. Invary's Runtime Integrity Service helps protect systems from advanced threats by verifying their integrity at runtime. CIS CyberMarket is a marketplace specifically designed to help connect U.S. State, Local, Tribal, and Territorial (SLTT) government organizations with rigorously-vetted, cost-effective cybersecurity solutions from industry-leading vendors. To view all of our current offerings, please visit the CIS CyberMarket webpage.
CIS® Publishes New Guide to Help Parents Better Protect Their Children's Online
Activity
As a parent, helping your children navigate the complexities of the digital world can be challenging. Our new guide, From Both Sides: A Parent’s Guide to Protecting Your Child’s Online Activity, is crafted to help parents and guardians understand these risks, specifically the hazards of harmful online behaviors and scams targeting children. It also provides the essential tools to guide young surfers safely and explores real-life scenarios that illustrate the common online pitfalls children may encounter. This guide, written by CIS CISO Sean Atkinson with his daughter, aims to equip parents with the tools to guide and support their own children, make their digital experiences positive and productive, and foster an environment where our children can safely learn, create, and connect.
CIS Critical Security Controls Version 8.1
Released
The latest iteration of the CIS Controls represents the latest evolution in cybersecurity standards designed to help organizations improve their cybersecurity posture and stay protected against today's cyber threats
By Charity Otwell
On June 25, the Center for Internet Security (CIS) officially launched Version 8.1 (v8.1) of the CIS Critical Security Controls® (CIS Controls®). CIS Controls v8.1 is an iterative update to version 8.0. The update addresses the increasing complexities and vulnerabilities in today's cyber landscape by incorporating new asset classes and introducing the Governance security function, highlighting the commitment of the Center for Internet Security® (CIS®) to ensuring that organizations remain resilient against rapidly changing cyber threats. It offers prescriptive, prioritized, and simplified cybersecurity best practices that provide a clear path for you to improve your organization’s cyber defense program.
CIS Controls v8.1 features the following updates:
• Included new and expanded glossary definitions for reserved words used throughout the Controls (e.g., plan, process, sensitive data)
• Revised asset classes alongside new mappings to CIS Safeguards
• Fixed minor typos in CIS Safeguard descriptions
• Added clarification to a few CIS Safeguard descriptions
• Realigned National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) security function mappings to match NIST CSF 2.0
One key improvement to CIS Controls v8.1 mapping is the addition of the Governance security function introduced in the NIST CSF 2.0 released in 2024. Effective governance provides the structure needed to steer a cybersecurity program toward achieving your enterprise
The update addresses the increasing complexities and vulnerabilities in today's cyber landscape by incorporating new asset classes and introducing the Governance security function, highlighting the commitment of the Center for Internet Security® (CIS®) to ensuring that organizations remain resilient against rapidly changing cyber threats.
goals. The Controls were designed to be comprehensive enough to protect and defend cybersecurity programs for any size enterprise while being prescriptive enough to ease implementation. With the update to CIS Controls v8.1, governance topics are now specifically identified as recommendations that can be implemented to enhance the governance of a cybersecurity program.
The addition of the Governance security function will help Controls adopters better identify the policies, procedures, and processes necessary to support how an enterprise can protect their assets and equip them with the evidence needed to demonstrate industry compliance.
Another major update to CIS Controls v8.1 is the addition of new asset classes to better match specific parts of an enterprise’s infrastructure to which each CIS Safeguard
applies. All of these updates to the CIS Controls aim to help streamline the process of designing, implementing, measuring, and managing enterprise security.
Ready to better identify the governing pieces of your cybersecurity program and obtain the evidence you need to demonstrate compliance? Download CIS Controls v8.1 today!
Supporting Resources for CIS Controls v8.1
Version 8.1 is an iterative update to CIS Controls v8 and minimizes disruption to Controls users. However, CIS Controls v8.1 is only the beginning of a larger refresh to the sphere of resources available to ease the implementation of our security best practices. As we progress through 2024 and beyond, we’ll continue to release updates to our supporting tools and resources for the CIS Controls. To date, our team has already released updates for the following resources to support the new recommendations contained in CIS Controls v8.1.
Guides
• Industrial Control Systems (ICS) Guide — While the CIS Controls address the general practices that most enterprises should take to secure their systems, some operational environments may present unique requirements not addressed by the CIS Controls. CIS has expanded its efforts to include experts from the engineering Industrial Control Systems (ICS) and Operating Technology (OT) fields to provide the CIS Controls ICS Guide.
• Establishing Essential Cyber Hygiene Version 8.1 — When tasked to implement a cybersecurity program,
Version 8.1 is an iterative update to CIS Controls v8 and minimizes disruption to Controls users. However, CIS Controls v8.1 is only the beginning of a larger refresh to the sphere of resources available to ease the implementation of our security best practices.
many enterprises ask “How do we get started?” Implementation Group 1 (IG1) is the group that is least costly/difficult to implement and are the Safeguards we assert that every enterprise should deploy. Applying all of the Safeguards listed in IG1 will help thwart general, non-targeted attacks and strengthen an enterprise’s security program. IG1 is the definition of essential cyber hygiene and represents a minimum standard of information security for all enterprises. This guide will help organizations establish essential cyber hygiene.
• Guide to Asset Classes: CIS Critical Security Controls v8.1 — CIS simplified the language in v8.1 to provide enterprises guidance on how enterprise assets and software are organized in the CIS Controls and to help explain what we mean when we say things like “Establish and Maintain Detailed Enterprise Asset Inventory.” Adopters of the CIS Controls should use this guide as a reference during activities such as implementation or auditing to verify that all in-scope assets are being accounted for and are secured.
Tools
• CIS Controls Navigator — Want to see how the CIS Critical Security Controls fit into your broader security program? Use our CIS Controls Navigator to explore how they map to other security standards.
• CIS Controls Assessment Specification — The purpose of the CIS Controls Assessment Specification is to provide a common understanding of what should be measured in order to verify that CIS Safeguards are properly implemented. The hope is that those developing related tools will then build these measures into their tools so that the CIS Controls are measured in a uniform way.
• CIS Controls OSCAL Repository — This contains OSCAL serializations of the CIS Controls and will include a variety of OSCAL Catalogs for the main CIS Controls Version 8.1 document, Controls Assessment Specification, and mapping documents available as XML and JSON files.
• CIS Controls Self Assessment Tool (CSAT) — CIS CSAT helps enterprises assess, track, and prioritize their implementation of the CIS Controls. This powerful tool can help organizations improve their cyber defense program regardless of size or resources. CIS CSAT can help enterprises identify where CIS Controls Safeguards are already well-implemented and where there are weak points that could be improved. This can be useful information as enterprises decide where to devote their limited cybersecurity resources.
Mappings
• U.S. Department of Health and Human Services (HHS) Healthcare and Public Health Sector-Specific Cybersecurity Performance Goals (HPH CPGs)
• Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) v4
• Payment Card Industry Data Security Standard (PCI DSS) v4.0
• New York Department of Financial Services (NYDFS) 23 NYCRR Part 500 (2nd Amendment 2023)
• NIST SP 800-53 Rev 5, including moderate and low baselines
• ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) 27001:2022
• DOD Cybersecurity Maturity Model Certification (CMMC) 2.0
• Cross-Sector Cybersecurity Performance Goals (CPGs) v1.0.1 of the U.S. Cybersecurity Infrastructure and Security Agency (CISA)
• National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 Rev 2, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
• National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) 2.0
Charity Otwell is the Director of the CIS Critical Security Controls for CIS. She has nearly 20 years of experience in the financial services industry and has built and led various programs such as Business Continuity, Disaster Recovery, Technology Governance, and Enterprise Architecture in a highly regulated environment. Before coming to CIS, Otwell was a GRC champion and practitioner with a focus on risk assessment, process optimization, process engineering, and best practice adoption for a top-50 bank within the United States. She also helped manage the relationship with federal regulators and the management of federal regulatory exams. She completed undergraduate and graduate studies in Birmingham, Alabama, and holds multiple industry certifications.
The Critical Importance of Cybersecurity for Law Enforcement and Public Safety
Like most things in modern society, technological advances have heavily affected how law enforcement and public security operations deliver critical services, and, as such, require effective cybersecurity defenses to ensure public safety
By Adam Ford
In today's digital age, cybersecurity has become a cornerstone for protecting the integrity and functionality of law enforcement and public safety operations. These entities rely on a vast array of interconnected technologies and data systems to deliver their essential services. However, this reliance also makes them vulnerable to cyber threats that can compromise sensitive information, disrupt operations, and ultimately endanger public safety.
The integration of robust cybersecurity measures is crucial for several reasons: safeguarding sensitive data, ensuring the uninterrupted operation of critical applications, and maintaining compliance with regulatory standards. Among the myriad challenges faced by public safety agencies, secure remote access stands out as a significant concern. Here, we delve into the seven challenges associated with public safety remote access and explore how modern solutions like zero trust architecture (ZTA) can address them.
Law enforcement and public safety operations...rely on a vast array of interconnected technologies and data systems to deliver their essential services. However, this reliance also makes them vulnerable to cyber threats that can compromise sensitive information, disrupt operations, and ultimately endanger public safety.
1. Poor Connectivity in Low-Bandwidth Areas
Public safety personnel, such as police officers, often operate in areas with limited connectivity. Traditional VPN solutions, with their high overhead, exacerbate performance issues in these low-bandwidth environments, leading to degraded user experience and reduced productivity. For instance, an officer needing to access critical information during a patrol in a rural area may encounter significant delays, potentially compromising their ability to respond effectively to a situation.
2. Dropped Connections While Switching Networks
A common issue with many VPNs is the need for reauthentication when users switch between networks, causing interruptions that can be detrimental during
critical operations. Imagine a scenario where an emergency responder moves from a vehicle's mobile network to a local Wi-Fi network at a scene. The interruption could delay access to vital information, impacting their ability to make timely decisions.
3. Slow, Resource-Intensive Data Uploads
Public safety users frequently need to upload large data files, such as body camera footage, to on-premises resources. VPN-related delays can force users to return to headquarters to complete these uploads, hindering timely data processing and automation. This logistical hurdle not only consumes valuable time but also delays the availability of crucial evidence for ongoing investigations.
4. Maintaining Compliance with Regulatory Bodies
Public safety agencies manage highly sensitive data and must adhere to stringent regulations. Ensuring compliance with various standards is a significant challenge. Violations can result in severe penalties and undermine public trust. Robust cybersecurity measures are essential to protect personally identifiable information (PII), criminal justice information (CJI), and other sensitive data from unauthorized access and breaches.
5. Cost and Effort of Migrating to CloudBased Resources
The transition from on-premises to cloud-based applications is a costly and complex process, often spanning multiple years. Additionally, the expense of maintaining secure remote access infrastructure, like Virtual Desktop Infrastructure (VDI), continues to rise. Agencies must balance the need for modernization with budget constraints, making it imperative to choose cost-effective and scalable cybersecurity solutions.
6. Limited Security and Visibility
When public safety personnel operate off premises, network administrators often lose visibility and control over their activities, exposing users and data to potential cyber threats and technical issues. Without adequate monitoring and control, detecting and mitigating threats becomes challenging, increasing the risk of data breaches and other cyber incidents.
7. Consistent Policy Enforcement
Law enforcement personnel require access to various online resources for investigations, but enforcing segmented web filtering policies can be challenging for administrators. Ensuring that officers can access
necessary information while blocking potentially harmful or non-compliant content requires a nuanced approach to policy enforcement.
Zero Trust Architecture: Addressing Critical Challenges
ZTA offers a transformative approach to addressing the cybersecurity challenges faced by public safety agencies. By implementing ZTA, agencies can significantly improve connectivity in low-bandwidth areas, as ZTA solutions are designed to minimize overhead and optimize performance. This ensures that officers in remote locations can access critical information without delays.
ZTA also eliminates the need for reauthentication when switching networks, providing seamless access and reducing interruptions during operations. Furthermore, ZTA facilitates faster, more efficient data uploads by leveraging direct-to-cloud connections, allowing officers to upload large files without the need to return to headquarters.
Compliance with regulatory standards is simplified through ZTA’s granular access controls and comprehensive logging capabilities, ensuring data security and audit readiness. The migration to cloud-based resources becomes more manageable and cost-effective, as ZTA supports hybrid environments and reduces the dependency on expensive on-premises infrastructure. Enhanced security and visibility are achieved through continuous monitoring and risk assessment, giving network administrators greater control over off-premises activities.
Finally, consistent policy enforcement is maintained through ZTA’s dynamic policy engine, which adapts to user behavior and context, ensuring that officers have
access to the necessary resources while maintaining strict security protocols.
Conclusion
The importance of cybersecurity in law enforcement and public safety cannot be overstated. These sectors are increasingly relying on digital tools and remote access, making the challenges associated with traditional VPN solutions more pronounced.
As the digital landscape continues to evolve, the need for robust cybersecurity measures becomes evermore critical. Law enforcement and public safety agencies must prioritize cybersecurity to protect sensitive data, ensure uninterrupted operations, and maintain public trust. By leveraging advanced solutions like ZTA, these agencies can navigate the complexities of modern technology and uphold their vital role in society. Investing in cybersecurity is not just a technological imperative but a fundamental component of public safety and service.
Zscaler's zero trust approach offers a modern, efficient, and secure alternative that addresses these challenges head on. By adopting modern cybersecurity solutions, public safety agencies can ensure that their personnel have reliable and secure access to critical applications and data regardless of their location. This not only enhances operational efficiency but also fortifies the defense against cyber threats, ultimately safeguarding the public and maintaining trust in law enforcement and public safety operations.
For more information on how Zscaler is helping law enforcement and public safety organizations, please email us at z-zscaler-cis@zscaler.com.
As the digital landscape continues to evolve, the need for robust cybersecurity measures becomes evermore critical. Law enforcement and public safety agencies must prioritize cybersecurity to protect sensitive data, ensure uninterrupted operations, and maintain public trust. .
With over 20 years of experience, Adam Ford has dedicated his career to ensuring that information systems and data are protected and available to meet the unique needs of government organizations. Currently serving as the Chief Technology Office for State & Local Government and Education at Zscaler, a leading cybersecurity company, Ford plays a crucial role in helping state and local government organizations securely transform their systems. As a respected leader in the public sector market, his expertise and guidance are instrumental in ensuring that the systems that keep government running are not only efficient but also protected from cyber threats.
Prior to Zscaler, Ford served as Chief Information Security Officer for the State of Illinois. In this role, he had responsibility for cybersecurity for various agencies, boards, and commissions under the Governor. During his tenure, the State of Illinois modernized and grew its security practice to protect systems and data that drive critical services to Illinois residents.
In addition to serving state agencies, Ford oversaw state and local security partnership and collaboration efforts including operation of the Illinois Election Cyber Navigator program in coordination with the Illinois State Board of Elections and the Illinois State Police.
He joined the Office of the CISO as Security Engineering Manager in 2017 and also served as Deputy CISO prior to becoming CISO. Before coming to security, Ford spent more than 15 years in data center and wide area network engineering and architecture roles with the Illinois Department of Innovation and Technology and the Illinois State Police.
How to Deter Multidimensional Threats in the Connected World
As threat actors take advantage of the connected world, we must work together to confront multidimensional threats. Our new national framework outlines how we can get started to improve our resilience and respond to this threat environment
By John D. Cohen
Malicious actors involved in gang violence, drug trafficking, human smuggling, terrorist recruitment, foreign influence operations, and other activity have dramatically changed their methods of operation to take advantage of new and developing technical capabilities. This changing threat landscape makes it increasingly difficult for law enforcement, targeted communities, and the United States as a nation to respond.
Exploitation of the cyber domain almost always has a harmful impact on the physical world. This takes various forms, such as ransomware groups who identify their unpaying victims on their websites and human smugglers who use social media to facilitate illicit mass migratory movements.
However, malicious actors aren't just exploiting the connected world. In some respects, they're leveraging the connected world to undermine confidence in key institutions in our society, and it's having an impact.
Two years ago, we set out to better understand how threat actors are taking advantage of the online world to grow their criminal enterprises, encourage violent acts, and harm U.S. national security. To identify successes and gaps in tackling these issues, we evaluated findings about the multidimensional threat environment and the current methods used by law enforcement and security officials to counter the threat. In this blog post, we'll review the findings we published in our white paper, Enhancing Cyber Safety in the Connected World — A National Framework for Action.
A Snapshot of an Evolving Threat Landscape
Globally, there has been a “massive increase” in ransomware attacks, with U.S. entities most heavily targeted, as
Exploitation of the cyber domain almost always has a harmful impact on the physical world... However, malicious actors aren't just exploiting the connected world. In some respects, they're leveraging the connected world to undermine confidence in key institutions in our society, and it's having an impact.
Director of National Intelligence Avril Haines testified in May 2024. He specifically noted how attacks against the healthcare sector roughly doubled from 2022 to 2023. Additionally, Haines highlighted cyber actors' ongoing attempts to attack U.S. industrial control systems, which are used in many critical sectors, like water, food, agriculture, defense, energy, and transportation.
At the same time, U.S. elections remain a prime target for foreign adversaries, particularly China, Russia, and Iran. Actors from these countries aim to exploit divisions in U.S. society and undermine confidence in democratic institutions, according to a joint warning from the top U.S. security agencies issued in April 2024.
“Nation-state adversaries use information operations and cyber intrusions hand-in-hand to further foreign malign influence goals,” explained the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of
Investigation (FBI), and Office of the Director of National Intelligence (ODNI) in their advisory.
All of these issues are exacerbated by the rise in the availability of generative artificial intelligence (GenAI). Malicious actors with less technical skills are using artificial intelligence to guide and improve aspects of their hacking operations, then-NSA director of cybersecurity Rob Joyce said at a conference at Fordham University.
“We already see criminal and nation state elements utilizing AI. They’re all subscribed to the big name companies that you would expect — all the generative AI models out there,” he said, as quoted by TechCrunch.
Four Pillars of a National Response
Through proof-of-concept initiatives, we found that rapid detection of emerging threats and evolving trends, along with speedy information sharing, is essential for U.S. federal, state, and local officials responsible for violence prevention, national security, and criminal investigations. Along those same lines, we determined that efforts centered around empowering local communities are critical in managing and responding to new and emerging threats.
The result of our efforts is a National Framework for Action developed with input from community groups and partner organizations. This Framework outlines four pillars to confront the problem.
Pillar 1: Improve Analysis on Emerging Threats
Pillar 1 emphasizes the importance of establishing a national, non-government, analytic clearinghouse infrastructure that serves as a repository for multi-source information and issues watches, warnings, forecasts, and analyses of hazardous cyber and online activity. The purpose of this information is to prevent or mitigate the effects of malicious behavior by multidimensional threat actors.
The objectives for Pillar 1 include the following:
• Foster private-public partnerships to better understand how criminals, foreign adversaries, and terrorists use the internet to achieve their operational objectives
• Focus on acquiring information that improves the efficacy of investigative and crime prevention efforts
• Educate U.S. state and local law enforcement personnel, civil society organizations, and policymakers regarding the use of social media and other
“Nation-state adversaries use information operations and cyber intrusions hand-inhand to further foreign malign influence goals,” explained the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Office of the Director of National Intelligence (ODNI) in their advisory..
internet-based technologies to inspire, facilitate, and inform illegal and often violent activities by foreign and domestic threat actors
Pillar 2: Enhance Information Sharing
To better detect and respond to emerging threats, Pillar 2 calls for enhancing the United States' information-sharing capabilities.
Pillar 2 necessitates the creation of a national information sharing platform that fulfills three key objectives. First, it improves geographic mapping of threat-related incidents. Second, it allows for sharing of information regarding emerging threats and active incidents. Third, it integrates information gathering and sharing efforts by U.S. State, Local, Tribal, and Territorial (SLTT) law enforcement and non-government entities to better detect emerging threats.
Pillar 3: Educate and Empower
In support of Pillar 3, we as a community must build public-private partnerships to expand awareness of the new threat landscape as well as develop and implement initiatives that increase communities’ resilience to contemporary threats.
Pillar 3 requires organized and expanded efforts to build local resilience among communities targeted by threat actors. These initiatives must include bridging the gap between the national security community, civil society and philanthropic organizations, and local governments to ensure that everyone understands the threat environment has changed, that federal and state governments cannot address the new threat alone, and that civil society, philanthropic organizations, and local governments must collectively help meet this new challenge.
Finally, the National Framework for Action highlights the need to support efforts by local communities to prevent acts of violence and other criminal activity inspired, facilitated, and informed by online activity.
Any national effort to address the evolving threat environment should include establishing a consistent level of capability across the United States for local communities to detect, evaluate, and manage the risk of violence or other illegal activity by those individuals who are influenced by malicious online content. This can be achieved by supporting local efforts to conduct threat/ behavioral risk assessments and deploy multi-disciplinary threat management strategies.
A Call to Action for a Whole-of-Society Approach
To make the connected world a safer place for people, businesses, and governments, we must work together to address multidimensional threats with adaptability and nationwide coordination. An effective response should involve government, academia, community groups, faithbased organizations, businesses, and other entities, each of which has a key role in preventing acts of violence and other illegal activity. Additionally, a concerted effort addressing the increasing use of advanced computing like AI by foreign and domestic threat actors as they engage in cyber, physical, and information operations will prepare society to counter these threats in the future.
This National Framework is a call to action that, if implemented, will support a whole-of-society effort to address this complex, volatile, and evolving threat landscape.
Ready to play your part? Download our new white paper, Enhancing Safety in the Connected World — A National Framework for Action, to explore and learn how these four pillars bolster the United States' ability to respond
to the changing threat environment, mitigate the impact of threat actor behavior, and build resilience among the nation's communities.
John D. Cohen serves as the Executive Director for the Program for Countering Hybrid Threats at the Center for Internet Security (CIS). In this role, he works closely with law enforcement, mental health, and civil society organizations across the nation to address issues relating to the impact of social media and the internet on crime, violence, community safety, and constitutional protections.
Cohen has four decades of experience in law enforcement, counter-intelligence, and homeland security. Prior to CIS, he served as the Assistant Secretary for Counterterrorism and Law Enforcement Policy, Coordinator for Counterterrorism and the Senior Official Performing the Duties of the Under Secretary of Intelligence and Analysis at the United States Department of Homeland Security (DHS). During the Obama Administration he served as the Acting Under-Secretary for Intelligence and Analysis (I&A) and Counterterrorism Coordinator for DHS. During his time at DHS, Cohen was a direct adviser to the Secretary and oversaw the development and implementation of a number of high visibility Department-wide crime prevention, counterterrorism, counter-intelligence and border and transportation security initiatives.
Prior to his career at DHS, Cohen served as a senior policy advisor to a number of federal, state, and local officials, including as Senior Advisor to the Program Manager for the Information Sharing Environment, Office of the Director of National Intelligence for the Administration of George W. Bush, Senior Homeland Security Policy Advisor to Governor Mitt Romney of the Commonwealth of Massachusetts and Janet Napolitano, Governor of the State of Arizona.
He has received numerous industry awards and recognition, including by the National Journal as one of the “100 Key People in Homeland Security” and “Law Enforcement Person of the Year” by Law Enforcement News for his work in developing and establishing a national non-emergency number, 3-1-1. Cohen is also an Adjunct Professor at the Georgetown University Security Studies Program and has served as an on-air expert for ABC News on homeland security, terrorism, counter-intelligence, and law enforcement issues.
Ad Placement
The Future of Security Operations in SLTT Organizations
As new advancements in technology continue to drive change in both state, local, tribal, and territorial (SLTT) organizations and threat actors out to compromise them, security operations must adapt to the evolving threat landscape
By James Globe
Security operations (SecOps) within state, local, tribal, and territorial (SLTT) organizations is at a pivotal juncture as these organizations position their information technology (IT) infrastructure to deploy enterprise artificial intelligent (AI) services. As digital transformation accelerates across governments, so does the sophistication of cyber threats. The future of SecOps is a rapidly evolving landscape shaped by advanced technologies, evolving threats, and regulatory shifts in data protection. SLTT organizations must anticipate and adapt to these changes to ensure resilience and protect critical infrastructure and sensitive information. This article explores the key trends that will shape the future of security operations within SLTT organizations, from the rise of AI and machine learning (ML) to the importance of cybersecurity data governance and protection policies.
1. Increased Reliance on AI and Machine Learning
One significant trend in the future of security operations is the increasing role of artificial intelligence and machine learning in threat detection and response. SLTT organizations, which often deal with vast amounts of sensitive data, are prime targets for cyber attacks. Traditional SecOps strategies, which rely heavily on manual analysis and reactive responses, struggle to keep up with the growing number of sophisticated threats.
AI and ML can process large amounts of data in real time, identifying anomalies and potential threats much faster than human analysts. These technologies can also help identify potential risky staff activity that help with tailored security awareness training development and prioritize their defense-in-depth deployment strategy. As SLTT entities adopt more cloud-based systems, AI-powered cybersecurity tools will become essential in
The future of SecOps is a rapidly evolving landscape shaped by advanced technologies, evolving threats, and regulatory shifts in data protection. SLTT organizations must anticipate and adapt to these changes to ensure resilience and protect critical infrastructure and sensitive information.
detecting malicious activities, monitoring network traffic, and analyzing security incidents.
For example, AI can enhance terrestrial and virtual endpoint security by detecting patterns that indicate malware or unauthorized access attempts. ML algorithms can help refine threat intelligence over time, reducing false-positive alerts and making future predictions more accurate. As AI continues to evolve, its application in automation and orchestration within security operations will drive more proactive, efficient, and scalable SecOps solutions in SLTT organizations.
2. Multi-Factor Authentication and Zero Trust Architecture Becomes the Standard
The shift towards zero trust security models will also shape the future of SecOps in SLTT organizations. Traditionally, security protocols have relied on perimeter defenses assuming that threats originate outside
the network. As organizations deploy more cloud-based services, data becomes more distributed, and employees increasingly work remotely, these traditional security models become ineffective. SLTT organizations, responsible for protecting critical infrastructure and sensitive citizen data, must rethink their security strategies.
Zero trust architecture assumes that no entity — internal or external — can be trusted by default. Every user, device, and application must be continuously authenticated before accessing sensitive information. Multi-factor authentication (MFA) relies on something you know, something you have, and increasingly something you are (biometrics). MFA combined with a zero trust architecture significantly reduces the attack surface, especially in decentralized environments where employees use multiple devices and access data remotely.
The future of SecOps will see SLTT organizations continue to deploy MFA technology as well as embrace zero trust frameworks to prevent insider threats, managing access control more effectively.
3. Automation and Orchestration for Enhanced Efficiency
As cyber threats increase in volume and complexity, security teams are often overwhelmed by alerts and false positives. SLTT organizations face resource constraints and limited cybersecurity expertise, making it difficult to respond to every potential threat in real time. The future of SecOps will lean heavily on automation and orchestration to streamline security processes.
Automation helps reduce the manual workload by handling routine tasks, such as patch management, log analysis, and alert triaging. Orchestration
While technology plays a central role in the future of SecOps, skilled labor remains central. The global shortage of cybersecurity professionals has left SLTT organizations particularly vulnerable.
ensures that various security tools and processes work together cohesively, creating a more unified and efficient security ecosystem. For example, automated response systems can block malicious IP addresses, quarantine infected endpoints, and reset compromised credentials without human intervention.
Automation will be crucial for scaling cybersecurity operations to handle growing digital footprints without overburdening security teams. Automation tools can provide continuous monitoring and real-time threat responses, which are critical in a sector where downtime or breaches could lead to significant public safety and trust concerns.
4. Increased Focus on Cybersecurity Workforce Development
While technology plays a central role in the future of SecOps, skilled labor remains central. The global shortage of cybersecurity professionals has left SLTT organizations particularly vulnerable. A lack of trained personnel can lead to slower response times, missed vulnerabilities, as well as unpatched systems and inadequate enforcement of cybersecurity policies.
To address this, SLTT organizations must prioritize cybersecurity workforce development. This includes training current staff in advanced cybersecurity practices, offering specialized certifications, and attracting new talent and reskilling or upskilling existing staff to fill critical security roles. States and local government agencies may need to invest in programs that encourage more professionals to enter the cybersecurity field, such as scholarships, apprenticeships, and public-private partnerships.
In the future, we are likely to see increased collaboration between government agencies, educational institutions, and private sector organizations to close the cybersecurity skills gap. By building a robust and capable cybersecurity workforce, SLTT organizations can strengthen their security posture and respond more effectively to emerging threats.
5. Regulatory and Compliance Challenges
The public sector operates within strict regulatory frameworks designed to protect citizen data and national infrastructure. As cyber threats evolve, so do the data protection regulations governing cybersecurity practices. SLTT organizations must stay ahead of these regulatory changes to ensure compliance and avoid penalties.
Future SecOps will need to adapt to evolving data protection laws, such as the General Data Protection Regulation (GDPR) in Europe and the National Institute of Standards and Technology (NIST) guidelines in the United States. As state governments and eventually the federal government introduce more stringent cybersecurity policies, SLTT organizations will be required to implement advanced security measures and provide transparent reporting of their cybersecurity practices.
6. Collaboration and Information Sharing
Collaboration will be critical in the future of security operations. SLTT organizations must work closely with private industry, law enforcement, and international partners to address the growing cyber threat landscape. Threat intelligence sharing and joint cybersecurity initiatives can help mitigate risks and enable faster, more coordinated responses to cyber attacks.
Conclusion
The future of SecOps in SLTT organizations is shaped by technological advancements, workforce development, and evolving regulatory landscapes. AI, MFA with zero trust architectures, automation, and collaboration will play a crucial role in addressing the complex cybersecurity challenges that lie ahead. By embracing these trends,
SLTT organizations can better protect their critical assets and maintain the trust of the citizens they serve.
James Globe, CISSP, is the Vice President, Strategic Advisor Cybersecurity Capabilities at the Center for Internet Security® (CIS®). Globe serves as the senior leader within Operations and Security Services (OSS) responsible for advising on strategic cybersecurity capabilities, cybersecurity workforce, data analytic analysis, frameworks, and emerging and enabling technologies for use by U.S. SLTT members.
He has more than 20 years in technology leadership, including extensive experience engineering signal intelligence mission systems, workflow management systems, financial and banking systems, modeling and simulation systems, and web-based information portals for top-tier banking and defense contracting organizations, including Bank of America, SAIC, BAE Systems, and L3 Harris Technologies.
Globe earned a Bachelor of Science in computer science and mathematics from Georgia State University. He also holds a Master of Science from John Hopkins University in telecommunications and security engineering.
CybersideChat
A Governance, Risk, and Compliance (GRC) Perspective of the Future
By Stephanie Gass, Director of Governance, Risk, and Compliance, CIS
The governance, risk, and compliance (GRC) landscape in information security is rapidly evolving, presenting GRC leaders with both new challenges and opportunities. The role of Information Security Officers (ISOs) continues to expand to include privacy requirements, artificial intelligence governance, rolling out of zero trust models, and acting as a voice for the community through collaboration and awareness.
Artificial Intelligence
There are several key components organizations should consider when integrating artificial intelligence (AI) onto their operations. They should first consider governing the use of AI in both new and existing environments and identifying what data elements can be utilized. Secondly, they can leverage AI to enhance existing processes, such as predicting and mitigating threats or aiding in audits and vulnerability management. Lastly, if rolling out AI-based products or services, it is crucial to communicate effectively with customers about the use of these technologies.
Regulatory Landscape
With the ongoing introduction of privacy regulations, new legislation
and regulation specifically tailored to AI is also emerging. Frameworks like the EU AI Act and the National Institute of Standards and Technology (NIST) AI Risk Management Framework provide organizations with the guidance on how to maintain security while leveraging evolving technologies.
Zero Trust
Adopting zero trust models is a gradual process, but it is quickly becoming a priority for many organizations to ensure information security and assurance. By implementing zero trust security models into their network infrastructure and operational policies, organizations can better protect themselves from breaches and other cyber threats.
Collaboration
For GRC professionals, fostering collaboration both within the organization and with external partners is vital. Internally, collaboration drives growth and maintains alignment with strategic initiatives. Externally, partnerships with industry and governmental agencies help shape comprehensive information security strategies.
There's not a "one size fits all" approach, but rather we should look at the strategic initiatives and overall risk appetite to understand where we can make the most impact.
Public Awareness
Raising public awareness is essential and closely linked to external collaboration efforts. Public awareness campaigns and educational programs can help demystify technical aspects of information security and emphasize the importance of privacy to external stakeholders and customers.
As we focus on the future, these are a few elements that organizations should be mindful of. There's not a "one size fits all" approach, but rather we should look at the strategic initiatives and overall risk appetite to understand where we can make the most impact.
ISACUpdate
Strengthening Cybersecurity Leadership: The MS-ISAC Welcomes New Executive Committee Members
By Karen Sorady, Vice President of Strategies and Plans, MS-ISAC
In the ever-evolving world of cybersecurity, strong leadership and diverse perspectives are crucial for protecting our nation's digital infrastructure.
The Multi-State Information Sharing and Analysis Center® (MS-ISAC®), a decades-strong cornerstone designed to strengthen cybersecurity in U.S. State, Local, Tribal, and Territorial (SLTT) government organizations, recently announced the addition of four distinguished professionals to the MS-ISAC Executive Committee for the 2024–2027 term.
A New Chapter in Cybersecurity Governance
The MS-ISAC Executive Committee plays a pivotal role in representing the interests and priorities of U.S. SLTT entities, with that input shaping
the strategic direction for how the MS-ISAC continues to deliver value to members.
These new members represent a cross-section of U.S. SLTT government entities, bringing diverse perspectives from county, K-12, and state levels. Their collective expertise will be instrumental in addressing the unique cybersecurity challenges faced by the different sectors represented in the MS-ISAC.
Newly Elected MS-ISAC Executive Committee Members
• Jason Skeen, IT Security Manager, Mecklenburg County, North Carolina (County seat, 2024–2027 term)
• Joshua Bauman, Director of Technology, Festus R-VI School District, Missouri (K-12 seat, 2024–2027 term)
• Torry Crass, State Chief Risk Officer, North Carolina (State seat, 2024–2027 term)
• Patrick Wright, Chief Information Security & Privacy Officer, State of Nebraska (State seat, 2024–2027 term)
The Executive Committee serves as the voice of the MS-ISAC's 17,000+ member organizations, providing a conduit for every U.S. SLTT entity, regardless of size or resources, to have its voice heard and its interests represented to key external partners.
Leadership Transition and Continuity
In addition to welcoming new members, the MS-ISAC is pleased to announce a significant leadership transition. Terry Loftus, Assistant Superintendent & Chief Information Officer at the San Diego County Office of Education, California, will assume the role of Chair of the Executive Committee on October 1, 2024. As a current Executive Committee Member in the K-12 seat, Loftus delivers
continuity and a deep understanding of the MS-ISAC's mission to this crucial leadership position.
A Collective Voice for Cybersecurity
The Executive Committee serves as the voice of the MS-ISAC's 17,000+ member organizations, providing a conduit for every U.S. SLTT entity, regardless of size or resources, to have its voice heard and its interests represented to key external partners, such as Congress, the White House, the Cybersecurity and Infrastructure Security Agency (CISA), and Sector Risk Management Agencies.
A Community-Driven Approach
At the heart of the MS-ISAC's success is its community-driven model. The Executive Committee embodies this approach, serving as a bridge between the MS-ISAC membership base and its key partners, included the Center for Internet Security (CIS) and federal support agencies. This collaborative spirit extends beyond the committee, fostering a culture of information sharing and mutual support among all MS-ISAC members.
A United Front Against Cyber Threats
As cyber threats continue to evolve and grow in complexity, the collaboration fostered by the MS-ISAC and its Executive Committee remains vital. By electing representative leaders from various U.S. SLTT sectors, the MS-ISAC creates a powerful network of shared knowledge, best practices, and resources.
The addition of new Executive Committee members and the transition in leadership mark an exciting chapter for the MS-ISAC. As we move forward, this new team will be at the tip of the spear, driving innovation, collaboration, and resilience in increasing cyber maturity across U.S. SLTT entities.
The MS-ISAC's commitment to empowering U.S. SLTT organizations to better defend themselves against pervasive cyber threats is unwavering. Through its comprehensive range of no-cost and cost-effective cybersecurity services and solutions, the MS-ISAC equips its members with the tools and expertise members have indicated they are most in need of to defend against cyber threats.
Looking Ahead
As we welcome our new Executive Committee members and prepare for the leadership transition, the MS-ISAC remains focused on its core mission: improving the cybersecurity posture of SLTT governments across the nation. The diverse expertise and fresh perspectives brought by the new members will undoubtedly contribute to the MS-ISAC more effectively meeting the needs of its members.
The challenges ahead are significant, and with this Executive Committee and the continued dedication of the committee members, the MS-ISAC will continue the work of better protecting our nation's SLTT digital infrastructure. We are also fortunate to have the continued support and leadership of our outgoing committee members, Gary Coverdale, Bhargav Vyas, and Arnold Kishi, to whom we
As we move forward, this new team will be at the tip of the spear, driving innovation, collaboration, and resilience in increasing cyber maturity across U.S. SLTT entities.
are extremely grateful for their dedicated service.
For SLTT organizations looking to bolster their cybersecurity defenses and join this collaborative community, MS-ISAC membership is available at no cost. To learn more about becoming a member and accessing the valuable resources the MS-ISAC offers, visit https://learn.cisecurity. org/ms-isac-registration.
In this interconnected digital world, our strength lies in our unity. The MS-ISAC, guided by its Executive Committee, stands ready to face the cybersecurity challenges of both today and tomorrow, contributing to a safer digital future for U.S. SLTT organizations and the communities they serve.
UpcomingEvents
October
October 2 – 3
The Harrisburg University of Science and Technology, in conjunction with the Commonwealth of Pennsylvania, County Commissioners Association of Pennsylvania, and Central Susquehanna Intermediate Unit 16, will host the 2024 Harrisburg University Cybersecurity Summit on its campus in Harrisburg, Pennsylvania. The event will bring together thought leaders, security experts from state and local government, federal agencies, K-12 school districts, higher education, and technology pioneers from the private sector to engage in dynamic discussions, explore cutting-edge solutions, and forge partnerships that will empower them to protect our digital world. Multi-State Information Sharing and Analysis Center® (MS-ISAC®) Regional Engagement Manager Megan Incerto will lead a session on no-cost resources to defend against cyber attacks. Learn more at https://summits. harrisburgu.edu/cybersecurity/.
October 8
The 2024 Tech Valley Cybersecurity Summit will take place at Rivers Casino and Resort in Schenectady, New York. The event will provide attendees with tailored insights from top industry thought leaders on navigating the cybersecurity landscape and addressing real-world challenges. CIS CISO Sean Atkinson will deliver the event's opening keynote, discussing zero trust security and ransomware defense in the age of AI. Learn more at https://logical.net/ cybersecurity-symposium/2024/.
October 9 - 11
The New York State Local Government IT Directors Association (NYSLGITDA) will host the 2024 NYSLGITDA Fall Conference at the Watkins Glen Harbor Hotel in Watkins Glen, New York. The event will serve as a gathering point for Chief Information Officers (CIOs), IT Directors, and technicians representing local governments in New York State. With a focus on training, technology, and government, this conference will foster the exchange of crucial information and perspectives among professionals. The CIS Services team will be onsite, sharing our no- and low-cost cybersecurity resources for state and local governments. Learn more at https://nyslgitda.org/event/fall2024-member/.
October 10
The Connecticut Education Network (CEN) and Connecticut National Guard will host Cyber Nutmeg 2024 at the Hartford Marriott Downtown in Hartford, Connecticut. The event is intended for state, municipal, and educational leaders along with the IT and cybersecurity professionals who support them. It is designed to raise awareness of cybersecurity threats and recommended defenses for attendees to protect their organizations. MS-ISAC Regional Engagement Manager Elijah Cedeno will lead a session on reasonable cybersecurity, and Senior Elections Cyber Threat Intelligence Analyst Timothy Davis will lead a session on threats for the upcoming elections. Learn more at https:// ctedunet.net/engagement-events/.
October 10 – 11
The Virginia Alliance for Secure Computing and Networking (VASCAN) will host the 2024 VASCAN Annual Conference at the William & Mary Alumni House in Williamsburg, Virginia. The event will bring together IT and cybersecurity leaders and professionals from across the state to learn from industry experts, share their experiences and best practices, and foster growth across the VASCAN community. MS-ISAC Regional Engagement Manager Megan Incerto will lead a session on no-cost cybersecurity resources available to state and local governments. Learn more at https:// vascan.org/vascan-2024/
October 15
GovTech will host the Louisiana Digital Government Summit at the Renaissance Baton Rouge in Baton Rouge, Louisiana. The event will bring together public sector technology and industry leaders to connect on innovative approaches, get inspired, and discover new technologies. The Summit will include cybersecurity leaders from state and local government throughout Louisiana. MS-ISAC Regional Engagement Manager Heather Doxon will be part of a panel session on strategies for building a state-wide cyber defense network. Learn more at https://events.govtech.com/LouisianaDigital-Government-Summit .
October 15 – 17
The Utility Technology Association (UTA) will host the 2024 UTA IT Conference at the Embassy Suites by Hilton Huntsville in Huntsville, Alabama. The event will bring together IT leaders and professionals from the nation's utilities together to hear from industry experts, learn about the most pertinent technology and security topics for utilities, and network with peers. CIS Services Senior Account Executive Jeff Sparks will lead a session at the event on no- and low-cost cybersecurity services for public utilities. Learn more at https://www. utilitytechnology.org/Events .
October 16
GovTech will host the Michigan Cyber Summit at the Suburban Collection Showplace in Novi, Michigan. The event will provide an opportunity for government technology professionals to learn about the latest efforts to defend against, respond to, and recover from cybercriminals who wish to do harm. The Summit will include cybersecurity leaders from state and local government throughout Michigan. MS-ISAC Regional Engagement Manager Anthony Essmaker will be part of a panel session with StateRAMP and CISA on cybersecurity resources for state and local governments. Learn more at https://events.govtech.com/MichiganCybersecurity-Summit .
October 18
The Sixth Annual Houston Cybersecurity Summit will take place at The Westin Houston, Memorial City in Houston, Texas. It will bring together leaders and cybersecurity professionals to learn about the latest cyber threats. CIS Senior Cybersecurity Engineer Jen Jarose will lead a panel session at the event on cloud security. Through our partnership, U.S. SLTT government entities can receive free admission. Contact the CIS CyberMarket team for more details. Learn more at https://cybersecuritysummit.com/ summit/houston24/.
October 20 – 22
The EdTech Leaders Alliance Conference will take place at the Nationwide Hotel and Conference Center in Lewis Center, Ohio. The event will bring together leaders and professionals from Ohio Association for Supervision and Curriculum Development (ASCD), the International Society for Technology in Education (ISTE), and the Ohio Chapter of the Consortium of School Networking (CoSN) to learn from and collaborate with leaders in EdTech from Ohio and beyond. The CIS Services team will be onsite, sharing our no- and low-cost cybersecurity resources for public schools. Learn more at https://web. cvent.com/event/67e8c838-4ecf-4433b51a-ebc0abe783f5/summary.
October 20 – 22
The CGI Forum 2024 will take place at the Hyatt Regency St. Louis at the Arch in St. Louis, Missouri. The event is the premier networking and educational event for the CGI Advantage community. With numerous in-depth product sessions and networking opportunities, the Forum is the must-attend event for government professionals to share experiences and best practices with peers and experts in the field. CIS Senior Director of Cybersecurity Advisory Services Andy Hanks will be a panelist during a session on cybersecurity strategy and resilience. Learn more at https://www.cgi.com/us/en-us/event/ cgi-advantage/forum
October 21 – 24
The Missouri Research and Education Network (MOREnet) will host the 2024 MORENet Annual Conference at the Branson Convention Center in Branson, Missouri. The event will bring together K-12 and higher education leaders and professionals from around the state to learn from industry experts, network with peers, and discover new solutions in classroom technology, projectbased learning, digital citizenship and accessibility, IT management, artificial intelligence, cybersecurity, and networking. MS-ISAC Regional Engagement Manager Anthony Essmaker will lead a session on no-cost cybersecurity resources for public K-12 schools and universities. Learn more at https://www.more.net/community/ events/annual-conference/.
October 22
The Inaugural Indianapolis Cybersecurity Summit will take place at the Hyatt Regency Indianapolis in Indianapolis, Indiana. It will bring together leaders and cybersecurity professionals to learn about the latest cyber threats. CIS Cybersecurity Engineer Randie Bejar will lead a panel session at the event on cloud security. Through our partnership, U.S. SLTT government entities can receive free admission. Contact the CIS CyberMarket team for more details. Learn more at https://cybersecuritysummit.com/ summit/indianapolis24/.
October 23 – 25
The Ohio Municipal League will host the 73rd Annual Ohio Municipal League Conference and Exhibit Show at the Renaissance Columbus Downtown Hotel in Columbus, Ohio. The event will bring together municipal leaders from across the state to learn from industry experts, engage in thoughtprovoking sessions, and network with peers. The CIS Services team will be on site, sharing our no- and low-cost cybersecurity resources for local governments. Learn more at https:// www.omlohio.org/240/Ohio-MunicipalLeague-Annual-Conference .
October 25
The Eight Edition of the Silicon Valley Cybersecurity Summit will take place at the Santa Clara Marriott in Santa Clara, California. It will bring together leaders and cybersecurity professionals to learn about the latest cyber threats. CIS Cybersecurity Engineer Darren Freidel will lead a panel session at the event on cloud security. Through our partnership, U.S. SLTT government entities can receive free admission. Contact the CIS CyberMarket team for more details. Learn more at https://cybersecuritysummit.com/ summit/siliconvalley24-oct/.
October 29
The Eight Annual Boston Cybersecurity Summit will take place at the Sheraton Boston Hotel in Boston, Massachusetts. It will bring together leaders and cybersecurity professionals to learn about the latest cyber threats. CIS Senior Cybersecurity Engineer Eric Pinnell will lead a panel session at the event on cloud security. Through our partnership, U.S. SLTT government entities can receive free admission. Contact the CIS CyberMarket team for more details. Learn more at https://cybersecuritysummit.com/ summit/boston24/.
November
November 8
The Critical Infrastructure Cybersecurity Summit will take place virtually. It will bring together leaders and cybersecurity professionals to learn about the latest cyber threats. Through our partnership, U.S. SLTT government entities can receive free admission. Contact the CIS CyberMarket team for more details. Learn more at https:// cybersecuritysummit.com/summit/ criticalinfrastructure24/.
November 13 – 16
The National League of Cities (NLC) will host the NLC City Summit at the Tampa Convention Center in Tampa, Florida. While each city summit is a can’t-miss event packed with the latest trends and valuable connections, this year's event will also be an incredible finale to a year-long celebration of NLC's 100 years of serving and strengthening cities, towns, and villages. Over 4,000 municipal leaders from across the United States will come together to learn the latest on trending and emerging topics, get updates on the changing federal landscape, and network with their peers. Learn more at https://citysummit.nlc.org/.
November 15
The 14th Edition of the New York Cybersecurity Summit will take place at the Sheraton New York Times Square. It will bring together leaders and cybersecurity professionals to learn about the latest cyber threats. Through our partnership, U.S. SLTT government entities can receive free admission. Contact the CIS CyberMarket team for more details. Learn more at https:// cybersecuritysummit.com/summit/ newyork-nov/.
November 19 – 21
The Public Technology Institute (PTI) will host its Government IT Leadership Summit & Symposium at the JW Marriott Mall of America in Bloomington, Minnesota. The GOVIT Leadership Summit, taking place on November 19, will bring together hundreds of local and state government IT executives and emerging leaders from across the country for a day filled with valuable information sharing and conversations about current and future trends, challenges, and opportunities. The GOVIT Symposium, taking place on November 20 and 21, will include even more government technology professionals from diverse functional areas to learn and exchange ideas and solutions on a broad set of topics. Learn more at https://fusionlp.org/govit-2024/.
November 19 – 22
Microsoft Ignite will take place at the McCormick Place Convention Center in Chicago. Microsoft users from around the world will come together to discover solutions that will help modernize and manage their own intelligent apps, safeguard their business and data, accelerate productivity, and connect with partners while growing their community. Attendees will participate in deep technical trainings, breakout sessions, partner interactions, and immersive learning experiences with the teams that build the products. The CIS team will be on the expo floor at Booth 424 sharing our resources for working securely in Microsoft environments. Learn more at https:// ignite.microsoft.com/.
November 21
The Ninth Annual Los Angeles Cybersecurity Summit will take place at the Fairmont Century Plaza in Los Angeles. It will bring together leaders and cybersecurity professionals to learn about the latest cyber threats. CIS Cybersecurity Engineer Justin Brown will lead a panel session at the event on cybersecurity readiness. Through our partnership, U.S. SLTT government entities can receive free admission. Contact the CIS CyberMarket team for more details. Learn more at https:// cybersecuritysummit.com/summit/ losangeles24/.
December
December 2 – 6
AWS re:Invent will take place at multiple venues in Las Vegas. AWS users from around the globe will come together at AWS's premier learning event for five exciting days of keynotes, breakout sessions, chalk talks, interactive learning opportunities, and career-changing connections with AWS leaders, experts, and peers. Attendees will walk away from the event stronger and more proficient in all areas of AWS technology, and better equipped to tackle their most ambitious goals in the cloud. The CIS team will be on the expo floor in the Venetian Expo at Booth 273 sharing our resources for working security in AWS environments. Learn more at https://reinvent. awsevents.com/.
December 4
GovTech will host the Hawaii Public Sector Cybersecurity Summit at the Prince Waikiki in Honolulu, Hawaii. The event will provide an opportunity for government technology professionals to learn about the latest efforts to defend against, respond to, and recover from cybercriminals who wish to do harm. The Summit will include cybersecurity leaders from state and local government throughout Hawaii. MS-ISAC Regional Engagement Manager Heather Doxon will be part of a panel session with CISA and the State of Hawaii on cybersecurity resources for state and local governments. Learn more at https:// events.govtech.com/Hawaii-PublicSector-Cybersecurity-Summit
December 6
The Sixth Annual Scottsdale Cybersecurity Summit will take place at The Phoenician in Scottsdale, Arizona. It will bring together leaders and cybersecurity professionals to learn about the latest cyber threats. Through our partnership, U.S. SLTT government entities can receive free admission. Contact the CIS CyberMarket team for more details. Learn more at https:// cybersecuritysummit.com/summit/ scottsdale24/.
December 12
The Second Annual Jacksonville Cybersecurity Summit will take place at the Sawgrass Marriott Golf Resort and Spa in Ponte Vende Beach, Florida. It will bring together leaders and cybersecurity professionals to learn about the latest cyber threats. Through our partnership, U.S. SLTT government entities can receive free admission. Contact the CIS CyberMarket team for more details. Learn more at https:// cybersecuritysummit.com/summit/ jacksonville24/.
Interested in being a contributor?
Please contact us: cybermarket@cisecurity.org www.cisecurity.org
518.266.3460
cisecurity.org info@cisecurity.org
518-266-3460
Center for Internet Security
@CISecurity
TheCISecurity
cisecurity CenterforIntSec