Security News & Information

News & Information

The CISO's Desk

  • Artificial intelligence: A new frontier (February 2024): In an era where digital threats are evolving at an unprecedented rate, various types of Artificial Intelligence (AI) systems have emerged as a crucial ally across all sectors (public and private) in the battle against cybercrime. The integration of AI in cybersecurity is not just an advantage, it has become a necessity ... (Read More)
  • Information Security Awareness (January 2024): State policy mandates that every state employee receive annual cybersecurity awareness training. To aid that effort, OCS this year is rolling out a new, enhanced awareness program that will include required and optional video modules by InfoSec IQ and a monthly newsletter, just to list a few components ... (Read more)
  • A year of progress (December 2023): As we reach my first-anniversary date here at WaTech’s state Office of Cybersecurity (OCS), I thought I would review some of what has occurred in the past 12 months. It has been quite a ride ... (Read more)
  • Holiday shopping (November 2023): Once again, the holidays are upon us. Many of you will likely shop for gifts for family and friends online. Online shopping can be a convenient way to buy gifts, but it also comes with risks. Here are some things to remember to shop safely and securely online ... (Read more)
  • Cybersecurity Awareness Month (October 2023)Since 2004, this nation has recognized October as Cybersecurity Awareness Month as a broad effort to help all Americans become safer and more secure online. Online risks have evolved and proliferated over the years, and Cybersecurity Awareness Month has grown dramatically in response, expanding the number of activities, presentations, and events. It has also spread beyond the borders of the United States to become an international phenomenon ... (Read more)
  • Whole of state cybersecurity (September 2023): In a Whole-of-State strategy, the state government collaborates with smaller local governmental organizations to ensure everyone is protected from threats. As part of this collaboration, state governments share training, threat intelligence, tooling, and other resources with municipalities and other local organizations to strengthen cyber defenses ... (Read more)
  • The journey to risk-informed compliance (August 2023): Many state agency leaders subject to Washington State IT Policy 141.10 (formerly OCIO 141.10) compliance requirements wonder how to apply risk assessment outcomes to their security practices. Compliance and risk management are essential tools for reducing the impact of threats. Organizations can achieve mission objectives and security by integrating these tools into a holistic framework ... (Read More)

OCS Spotlight

(Profiles of security staff on the front lines)
  • Spotlight: Here's your team to identify and manage risks: The Policy and Program Management Team at WaTech's Office of Cybersecurity (OCS) needs a better name. You would have to know the people on the three-member team to understand the importance of the work they do - which is to find and fix cybersecurity risks statewide before criminals can take advantage of them ... (Read More)
  • Spotlight: There are no shortcuts to success: When Lyron Cobbins was growing up in Kansas, an uncle would advise him "there are no shortcuts to success." It's advice that stuck with him over the years and seems like a good metaphor for the work he does today as an information security architect with the security engineering team at WaTech's Office of Cybersecurity ... (Read More)

Cyber Hygiene Tips

  • Stay alert to tax scams: As we move further into tax season, it's crucial to stay vigilant about IRS tax scams. Scammers are increasingly sophisticated, using fear and urgency to trick taxpayers into revealing personal information or sending money ... (Read more)
  • Business Email Compromise (BEC): Have you ever received an email or a text message from what you think is a legitimate source asking you to do something unusual? ...  (Read more)
  • Keeping a clean computer: Keeping a clean computer is important for both performance and security. Here are some tips on how to maintain your device in optimal condition ... (Read more)
  • What to know about removable media: If you find a USB drive or other removable piece of media in the wild, DO NOT plug it into your computer! Let’s break down why ... (Read more)
  • One Big Leap to Protect Your Information: There are many ways to protect important personal information including using strong passwords, freezing your credit, and being careful what you post on social media. There is one safeguard, however, that has become indispensable in today's world - multifactor authentication (MFA), also sometimes referred to as two-factor authentication ... (Read More)
  • Six steps you can take to protect yourself from BEC scams: Business email compromise (BEC) is a form of email phishing that uses the trust of people and companies we do business with to steal money. In a BEC scam, criminals send an email message that appears to come from someone you know who is making a seemingly legitimate request, such as ... (Read More)