Government Technology Insider curates news about a variety of topics related to the IT challenges facing government agencies. In this roundup on IT utilization by local and state governments, read about fights against cyber-attacks in Alaska and smart cities, consolidation in Mississippi and Nebraska, and the growth of a data-driven city. Read the news here:
Alaska’s Strategy in the Fight Against Ransomware
High-profile incidents in Atlanta, Colorado, Baltimore, and other cities has put ransomware center stage as a real risk to state and local IT agencies. At the National Association of State Chief Information Officers (NASCIO) Conference, IT leaders weighed in on how they are approaching the current wave of pervasive cyberthreats. Alaska Deputy CIO Dan DeBartolo emphasized the importance his agency places on security in everything they do to try to prevent ransomware from getting into state systems. DeBartolo noted that as CIOs and CISOs shift to account and prepare for these new kinds of attacks and evaluate vulnerabilities in their networks, they also must consider that some departments in their agencies may not be adequately preparing for this new reality. His advice: “Trust no one.” Hear Dan DeBartolo discuss Alaska’s approach to cybersecurity here.
At Different Stages in Consolidation, States Look To A More Efficient Future
Consolidation and optimization have been a top priority for state chief information officers for as long as the National Association of State Chief Information Officers (NASCIO) has tracked Top 10 priorities, according to Nebraska CIO Ed Toner. In Mississippi, CIO Craig Orgeron says the state is attacking consolidation, but its decentralized nature makes that difficult. “I think many states find themselves potentially with decentralized governance models, and by definition, even if systems are shared, if the models to run those systems are decentralized, you have lots of people resources all over the place,” Orgeron says. In Nebraska, the state has saved tens of millions of dollars since Toner and his team completed their state consolidation. Now, his team is unlocking more than just financial efficiency but improvements in security and project management. Listen to how these two states are making consolidation a priority here.
How One Mayor Is Building A Community Driven By Innovation And Entrepreneurship
Mayor Scott Fadness of Fishers, Indiana, just outside of Indianapolis, is building a community driven by innovation and entrepreneurship. In order to achieve his vision, Fadness has developed a comprehensive plan that will drive transformation within his organization and in the community. The vision is for Fishers to become a data-driven city that can grow into a thriving smart city and that is one that uses “information and communication technologies to increase operational efficiency, share information with the public, and improve both the quality of government services and citizen welfare.” Fadness said that Fishers is “focusing on building a data-friendly environment first, and then embarking on building a smart city infrastructure so that the disruption delivers meaningful change to citizens in terms of better services and opportunities, rather than being seen as just change for change’s sake.” Read the article here.
Smart Cities Vulnerable To Easy Attacks on Unsecured Connected Apps
It’s been almost two years since the Mirai botnet attack brought down a number of popular websites by leveraging internet-of-things (IoT) devices to direct unmanageable amounts of traffic to DNS servers. A new study from the IBM X-Force research group and security advisory firm Threatcare shows that some of the same vulnerabilities that experts highlighted following the Mirai attack — such as unchanged default passwords — can still be found in components of smart city applications. The researchers found 17 zero-day vulnerabilities across different products from three companies: Echelon, Libelium and Battelle. Many of these vulnerabilities, especially default passwords, are easy to exploit, he said. Default passwords can routinely be found with a Google search for “default password” and the name of the target device. Read more about these hotspots for cyberattacks here.