State and local governments lose billions of dollars a year through fraudulent claims and abuse of government services and benefits. Efforts to fight fraud often focus on combatting external threats, ignoring the very real threat of internal fraud. While this has always been a challenge for state and local governments, significant amounts of new federal funding through the Infrastructure Investment and Jobs Act (IIJA) and other pandemic relief...

Pratum proudly announces the return of the Secure Iowa Conference, a day of networking and continuing education in information security, IT risk management, compliance and privacy. Now in its tenth year, the conference delivers a unique opportunity for business leaders and security, privacy and audit professionals to gather without traveling out of state. Breakout sessions include both management and technical tracks, ensuring every attendee f...

Cyber insurance has become a big part of an overall cybersecurity strategy for many state and local governments. But cyber insurance is changing quickly. Premiums will likely increase significantly in the coming months and years. Policies are changing what incidents they cover, and in what circumstances. They may not offer the protection officials think they do. And cyber insurance does nothing to protect an organization against another attack...

Ransomware attacks are no longer “drive-by” events. Encryption is only one of the problems among a list of others that include operational disruption and data exfiltration for extortion, ransom, sale, and re-sale. Join SANS Senior Instructor Jake Williams, SANS Instructor and BlackBerry Principal Incident Response Consultant Ryan Chapman, and BlackBerry Most Distinguished Threat Researcher Dmitry Bestuzhev as they dissect and anal...

Get a preview of material directly from SANS SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses. There are many stages in the attack lifecycle in which we can detect or prevent an (advanced) attacker from getting closer to their final objectives. One thing we always come across however is that the attacker likes to persist in your environment, be it for two days, two months, or two years. It is important fr...

This webinar is a preview of a new report - the updated version of the Top 20 Cyber Attacks on Industrial Control Systems. The attack "ruler" of 20 standard attacks now includes nation-state-grade ransomware, IT-targeted ransomware that triggers "abundance of caution" OT / ICS shutdowns, IT-targeted ransomware that triggers OT shutdowns when IT systems vital to OT networks are impaired, and other timely updates. Cloud-seeded ransomware / supp...

So you have a vulnerability management program. Great. Excellent. But are you able to let the management team know if it is being effective or not? In this final Vulnerability Management series webcast, join Jonathan (MGT516 co-author and SANS certified Instructor) as he discusses how to show your program is being effective through metrics and measures. He will discuss metrics that a new program can start creating and generating on day 1 as we...

Government and education services should be easily accessible and simple to use for a wide variety of constituents. As the COVID-19 pandemic demonstrated, constituents can get frustrated and feel left behind when organizations have complex processes and tools, and not all users will be on the same level of the digital playing field. Thankfully, government and educational agencies have shown a willingness to transform their approaches to meet i...

As the public embraces technology in their everyday lives, they want great digital experiences with the government, too. Local and state agencies are rapidly modernizing, but the transformation arrives with new opportunities for identity theft and fraud. However, with the right approach, agencies can deliver digital services effectively while mitigating risks. Modern identity technology makes it possible. Join our industry speakers for a webin...

Get a preview of material directly from SANS SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses. There are many stages in the attack lifecycle in which we can detect or prevent an (advanced) attacker from getting closer to their final objectives. One thing we always come across however is that the attacker likes to persist in your environment, be it for two days, two months, or two years. It is important fro...