Equity is highlighted in priority two of the President's Management Agenda (PMA), Delivering Excellent, Equitable, and Secure Federal Services and Customer Experience, and is a theme throughout all PMA priorities. Disaster response is possibly the most critical place to ensure equity. While a disaster does level the playing field in some ways-no matter how much money you have it won't stop a tornado from hitting your house-the recovery from disasters is not as fairly distributed.
A 2021 report from the Government Accountability Office (GAO) found that disaster response is "uneven" across the country. The research found that small towns, rural and tribal areas, and underserved and disadvantaged communities have a hard time accessing federal disaster recovery assistance programs. Those that did access funds had difficulty achieving a full recovery with structures still damaged years later. A key to solving this gap? Data.Continue reading →
With the CARES Act, the American Rescue Plan, and now infrastructure funding, state and local governments have a large pipeline of grant options to help further citizen support. In fact, White House initiatives aimed at providing relief to citizens total nearly $6 trillion.
However, applying for and later managing those grants can be an incredibly burdensome, and often manual process. With a wide variety of variables that need to be carried out and measured, the management of these grants involves a large number of people from multiple constituencies both within a state agency and outside it including grant applicants and recipients, various levels of government and agencies, and affiliated nonprofits. Multiple surveysand studies have shown that grantee organizations spend more than 40% of their grant resources on administration activities alone.Continue reading →
Ransomware has traditionally been a practice where cybercriminals encrypt data and demand ransom in exchange for a decryption key. More recently, a growing number of these bad actors threaten to make this information public if they do not get paid. This shift in the practice of ransomware has increased the "attractiveness" of K-12 schools for cyber criminals. Information about children is among the most highly protected data there is, making it more likely ransoms will be paid to keep it private. For this and other reasons, K-12 schools are seeing an increase in ransomware activity. In 2021, there were at least 62 reported ransomware cases as compared to only 11 in 2018. 2021 also saw ransomware as the most common cyber incident for K-12 schools for the first time ever.
What Gets Compromised in a Ransomware Attack?
An incident in 2020 involving Fairfax County, VA Public Schools resulted in employee social security numbers being posted online. Hackers targeting a school district in Allen, Texas emailed parentswith threats to expose their childs' personal information if educators did not pay a ransom. Showing the full swing of ransomware impacts from the serious to the mundane, a 2022 attack on the Griggsville-Perry School District in Indiana had many records compromised and leaked including a detention slip from December 2014 for a student who would not stop interrupting his health class. This shows the breadth of access that hackers had to documents and has led many schools to reexamine their file retention policy to reduce the amount of data accessible to bad actors.Continue reading →
With many of us using our faces to "open" our phones, biometric technology has become an everyday consumer technology. Capitalizing on the comfort and ease of use of facial recognition, government agencies are looking to incorporate it (and other biometric methods) into their modern cybersecurity plans and approaches but are realizing implementation in a government setting raises a host of complications.
Zero Trust is a logical evolution of security in a world where remote access to networks and applications is more common than being on-site with an organization's data center. From cloud applications to the explosion of remote work, the traditional "castle and moat approach" simply does not scale or protect networks that are constantly being accessed by outside users.