StateTech Magazine - Technology Solutions That Drive Government https://statetechmagazine.com/rss.xml en How Counties Protect Voting Systems from Hacking https://statetechmagazine.com/article/2018/10/how-counties-protect-voting-systems-hacking <span>How Counties Protect Voting Systems from Hacking </span> <span><span lang="" about="/user/6191" typeof="schema:Person" property="schema:name" datatype="">phil.goldstein_6191</span></span> <span>Mon, 10/22/2018 - 09:21</span> <div><p>In the national conversation about securing the upcoming U.S. elections against hacking and other cyberthreats, there’s something missing: The discussion has <a href="https://statetechmagazine.com/article/2018/10/how-states-can-guard-against-threats-election-vendors">centered around states</a> — but the <strong>elections are run by counties</strong>.</p> <p>It is <a href="https://statetechmagazine.com/article/2018/07/naco-2018-how-counties-can-secure-their-elections-2018-midterms-loom">county officials</a>, not state ones, who across most of the country staff polling places, check voter registration databases and set up the machines that tally the vote. Crucially, once the election is over, they also <strong>transmit those tallies to the state capital for tabulation into the final results</strong>.</p> <p>“In most states, the actual administration of the elections, the deployment of the machines, falls to the county government,” says Matt Masterson, senior cybersecurity adviser at the U.S. <a href="https://www.dhs.gov/" target="_blank">Department of Homeland Security.</a></p> <p>And ultimately, counties <strong>must implement cybersecurity measures</strong> to protect those machines from intruders.</p> <p><a href="https://statetechmagazine.com/article/2018/10/voting-machine-security-how-state-and-local-governments-can-tackle-threats-perfcon" target="_blank"><em><strong>MORE FROM STATETECH: </strong>Find out how network segmentation can help secure voting machines! </em></a></p> <h2 id="toc_0">Fairfax County, Va., Isolates and Updates Voting Computers</h2> <p>For county governments, the key is to follow simple cybersecurity principles and reduce attack surfaces by avoiding connecting election systems to the internet wherever possible, <a href="https://www.fairfaxcounty.gov/" target="_blank">Fairfax County, Va.</a>, CISO Michael Dent tells <em>StateTech</em>.</p> <p>“My advice about elections is: <strong>Put as little as possible of it online. Minimize that footprint</strong>,” he says. He explained that the PCs used by his county’s election officials to upload vote totals on election night were kept isolated from the internet and not used for any other purpose. “Those machines are not used for anything else, and there’s no internet connection there,” he says, calling them “probably the most securely protected endpoints we have.”</p> <p>“Our attack surface is extremely small,” Dent says.</p> <p>Fairfax is the “fourth or fifth largest” county in the country, Dent says, adding that his security team of 10 full-timers and four contractors would be working around the clock on election day. “We’ll be on the wall looking and making sure we’re secure.”</p> <p>Dent has faith in his team to ensure the elections wouldn’t be hacked. “I’m very confident. I have to knock on wood, but I’m very confident that we haven’t had issues and we won’t,” he says.</p> <p>The most important steps counties can take are <strong>simple hygiene measures</strong> that “don’t have to cost a ton of money. It’s a time issue and a resource issue, but as far as buying solutions, you don’t necessarily have to do that,” Dent says.</p> <p>Few counties have the resources of Fairfax County, but Dent points to the<strong> free advice and assistance county governments of all sizes could get from DHS and other federal initiatives</strong>. “If you’re in a leadership position in a government today and you can’t marshal the resources, and we get to election night and your election system gets hacked, that’s on you. Shame on you for allowing it to happen,” he says.</p> <p>“We’ve known since the last election when the next one would be; you’ve had all that time to prepare. That’s a leadership issue and an accountability issue,” Dent says.</p> <p><a data-entity-type="" data-entity-uuid="" href="https://www.cdw.com/content/cdw/en/orchestration/cyber-security-report.html" target="_blank"><img alt="Cybersecurity_IR_don'tbecome_700x220.jpg" data-entity-type="" data-entity-uuid="" src="https://statetechmagazine.com/sites/statetechmagazine.com/files/Cybersecurity_IR_don'tbecome_700x220.jpg" /></a></p> <h2 id="toc_1">Local Jurisdictions Get Help from Federal Partners </h2> <p>As chairman of the <a href="https://www.eac.gov/" target="_blank">U.S. Election Assistance Commission</a> until earlier this year, Masterson led federal efforts to aid state and local governments in staging national elections, including drafting <strong>voluntary technical standards for voting machines and vote-tallying systems</strong>. After his term at the EAC ended, he was appointed a senior cybersecurity adviser within the <a href="https://www.dhs.gov/national-protection-and-programs-directorate" target="_blank">National Protection and Programs Directorate</a>, the DHS element whose job it is to protect America’s most vital national networks from hackers, terrorists and foreign enemies. </p> <p>The national conversation around protecting election systems has focused on the states, with controversies like the lawsuit aiming to force Georgia to require a paper backup for the state’s electronic voting machines dominating the headlines. But Masterson says DHS has worked to<strong> reach local election officials in “literally thousands of jurisdictions”</strong> through the newly minted <a href="https://learn.cisecurity.org/ei-isac-registration" target="_blank">Elections Infrastructure Information Sharing and Analysis Council</a> working with groups like the International Association of Government Officials and attending conferences of county election officials.</p> <p>Although cybersecurity best practices and standards can and do filter down from the state level to county election officials, “The best way to reach these folks is directly,” he says.</p> <p>To this end, DHS has launched what it calls the “Last Mile Project,” Masterson explains, working with state governments <a href="https://kwwl.com/news/2018/08/30/state-adds-additional-measures-for-cyber-security/" target="_blank">like Iowa’s to produce </a><a href="https://kwwl.com/news/2018/08/30/state-adds-additional-measures-for-cyber-security/" target="_blank">county-specific</a><a href="https://kwwl.com/news/2018/08/30/state-adds-additional-measures-for-cyber-security/" target="_blank"> guidance posters</a> to hammer home cybersecurity messages for local governments, no matter how large or small.</p> <p>When it comes to the systems that county officials use to report their results on election night — not to mention the email and internet access they employ the rest of the year — “many county election offices are <strong>reliant on the county government IT infrastructure,</strong>” according to Masterson. </p> <p><a href="https://statetechmagazine.com/article/2018/09/why-your-state-should-join-21-use-nist-cybersecurity-framework" target="_blank"><em><strong>MORE FROM STATETECH: </strong>Discover why your state should use the NIST Cybersecurity Framework! </em></a></p> <h2 id="toc_2">Counties Face Outdated IT, Manpower Challenges on Cybersecurity </h2> <p>County IT infrastructure in many cases is out of date and desperately under-resourced, says Alan Shark, executive director and CEO of the <a href="http://www.pti.org/" target="_blank">Public Technology Institute</a>, and a senior technology adviser to the <a href="https://www.naco.org/" target="_blank">National Association of Counties</a>.</p> <p>“Many counties still haven’t fully recovered” from the financial blows dealt by the great recession of 2008-09, Shark says. County governments have deferred system upgrades,<strong> “but that doesn’t mean you can defer it forever.” </strong>Some county systems are reaching “end of life,” when vendors will cease supporting them. </p> <p>“The government sector lags the private sector” in more than just technology, Shark says, noting that <strong>local government suffers from “legacy thinking.”</strong></p> <p>“We still have a third of counties where the technology director is reporting to the chief financial officer, and that’s because automation began with the administrative functions of the government.” Moreover, the human capital crisis afflicting cybersecurity in general is especially acute in local government, Shark says.</p> <p>“Some rural areas are hard-pressed to find and keep good IT people. We have a lot of people who are retiring. They’re leaving, and it’s very hard for counties to recruit younger people because government service is not looked at as it was before,” Shark says.</p> </div> <div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> <a href="/taxonomy/term/11716"><img src="/sites/statetechmagazine.com/files/styles/face_small/public/people/ShaunWaterman.jpeg.jpg?itok=s7MXUxCF" width="58" height="58" alt="Shaun Waterman " typeof="foaf:Image" /> </a> </div> <div class="author-info"> <span>by </span><a rel="author" href="/taxonomy/term/11716"> <div>Shaun Waterman </div> </a> <a target="_blank" class="twitter" href="https://twitter.com/intent/follow?region=follow_link&amp;screen_name=WatermanReports&amp;tw_p=followbutton&amp;variant=2.0"><span>Twitter</span></a> </div> <div class="author-bio"> <p> <div><p>Shaun Waterman is an award-winning journalist who has worked for the BBC, United Press International and <em>POLITICO</em>, and an expert on cybersecurity and counter-terrorism who has presented at leading conferences like Hacker Halted and the Aspen Security Forum. Shaun, who is British, has a master’s degree in social and political sciences from King’s College, Cambridge. He is married and lives in Washington, D.C., with his wife and three American sons, Miles, Harry and Peter.</p> </div> </p> </div> </div> </div> </div> Mon, 22 Oct 2018 13:21:41 +0000 phil.goldstein_6191 41631 at https://statetechmagazine.com 5 Tips to Better Manage a Citywide Video Camera System https://statetechmagazine.com/article/2018/10/5-tips-better-manage-citywide-video-camera-system <span>5 Tips to Better Manage a Citywide Video Camera System</span> <span><span lang="" about="/user/6191" typeof="schema:Person" property="schema:name" datatype="">phil.goldstein_6191</span></span> <span>Fri, 10/19/2018 - 11:59</span> <div><p>Surveillance cameras have become pervasive in many cities in recent years. Privacy concerns aside, IP-based video cameras can improve security, discourage people from committing crimes, provide first responders with situational awareness, help police solve crimes and serve as evidence to secure convictions. But cameras can’t function alone.</p> <p>As local governments <a href="https://statetechmagazine.com/article/2018/09/cities-clear-way-video-surveillance-upgrades">populate their streets with more cameras</a> or upgrade to high-definition or 4K cameras, they also have to <strong>upgrade their networks, servers and storage equipment to handle the increase in massive video files</strong>. Some cities embrace cloud storage and beef up their camera systems with new applications, such as gunshot-detection technology and video analytics.</p> <p>According to <a href="https://technology.ihs.com/Biographies/463328/jon-cropley" target="_blank">IHS Markit Principal Analyst Jon Cropley</a>, while some cities are deploying cameras for the first time, many others are expanding existing systems. “It’s a mix,” he says. “The U.S. as a whole has been installing a high rate of cameras for longer than many other countries. A higher proportion of new equipment, therefore, is for upgrading or adding to existing systems.”</p> <p>There are numerous concerns that city IT leaders need to address as they maintain their surveillance camera systems. City managers of video surveillance networks discussed how to support a strong video camera system with <em>StateTech</em>, and they <strong>emphasized care of the cameras and the health of the network</strong>.</p> <p>Here are their five tips for managing a municipal video camera system.</p> </div> <div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> <a href="/author/wylie-wong"><img src="/sites/statetechmagazine.com/files/styles/face_small/public/wylie-wong.jpg?itok=gph_Y-uT" width="58" height="58" alt="" typeof="foaf:Image" /> </a> </div> <div class="author-info"> <span>by </span><a rel="author" href="/author/wylie-wong"> <div>Wylie Wong</div> </a> <a target="_blank" class="twitter" href="https://twitter.com/intent/follow?region=follow_link&amp;screen_name=WylieWong&amp;tw_p=followbutton&amp;variant=2.0"><span>Twitter</span></a> </div> <div class="author-bio"> <p> <div><p>Wylie Wong is a freelance journalist who specializes in business, technology and sports. He is a regular contributor to the CDW family of technology magazines.</p> </div> </p> </div> </div> </div> </div> Fri, 19 Oct 2018 15:59:07 +0000 phil.goldstein_6191 41626 at https://statetechmagazine.com How States Can Guard Against Threats to Election Vendors https://statetechmagazine.com/article/2018/10/how-states-can-guard-against-threats-election-vendors <span>How States Can Guard Against Threats to Election Vendors </span> <span><span lang="" about="/user/6191" typeof="schema:Person" property="schema:name" datatype="">phil.goldstein_6191</span></span> <span>Thu, 10/18/2018 - 11:35</span> <div><p>Most states maintain aging election equipment, including voting machines. But many have <a href="https://statetechmagazine.com/article/2018/09/state-elections-agencies-focus-voting-security-ahead-midterms">boosted investments in cybersecurity measures</a> for their election IT systems, including purchases of multifactor authentication, perimeter sensors, email filtering and monitoring, threat scanning and information sharing systems.</p> <p>There is more they could be doing to enhance voting machine security, including via <strong>network segmentation, zero-trust network architectures </strong><strong>and</strong><strong> next-generation firewalls</strong>. They can also employ cloud-based security services in the short term for the 2018 election if those larger architectural changes cannot be made in time. </p> <p>And while external cyberattacks are the biggest threat to state boards of elections, state officials also should be concerned about <strong>security risks within their systems related to contractors, vendors and other partners</strong>. </p> <p><a href="https://statetechmagazine.com/article/2018/10/voting-machine-security-how-state-and-local-governments-can-tackle-threats-perfcon" target="_blank"><em><strong>MOR FROM STATETECH: </strong>Discover the network security tools your state or county can use to protect voting machines! </em></a></p> <h2 id="toc_0">The Risk to Election Equipment Vendors</h2> <p>“One place we need more transparency is in the private-sector portion of elections,” explains <a href="https://www.brennancenter.org/expert/edgardo-cort%C3%A9s" target="_blank">Edgardo Cortés</a>, election security adviser at New York University School of Law’s Brennan Center for Justice. </p> <p>The vendors that sell the equipment and the companies that support it are <strong>at risk for supply chain issues</strong>, explains Cortés, who worked as Virginia’s commissioner of elections. </p> <p>Election agencies should <strong>ask all vendors about the security standards and processes </strong>they have in place for their equipment, electronic commerce and employees, according to Cortés. </p> <p>“I recently heard about an election equipment vendor that was the victim of a very sophisticated<strong> spear phishing </strong>campaign. Once the bad actors are inside your vendor’s network, they can pull information that can be used against an agency,” he says.</p> <p><img alt="Cybersecurity_IR_don'tbecome_700x220.jpg" data-entity-type="" data-entity-uuid="" src="https://statetechmagazine.com/sites/statetechmagazine.com/files/Cybersecurity_IR_don'tbecome_700x220.jpg" /></p> <h2 id="toc_1">What States Can Do to Protect Voting Machine Partners</h2> <p>There are several concrete steps that states and partners at the county and local level can do to inoculate themselves from such risks. </p> <p>Earlier this year at <a href="https://statetechmagazine.com/naco-annual-conference-2018">the National Association of Counties’ 83rd Annual Conference and Exposition</a>, several county CISOs offered their best practices for <a href="https://statetechmagazine.com/article/2018/07/naco-2018-5-ways-counties-can-stay-secure-if-they-use-foreign-hardware-and-software">guarding against supply chain risks</a>, which can be applied at the state level as well. </p> <p>First, states need to <strong>have a vetting process when they purchase voting solutions and </strong><strong>products</strong>, and ensure that they adhere to the state’s own standards and policies. </p> <p>Darren May, CISO for <a href="http://www.tarrantcounty.com/en.html" target="_blank">Tarrant County, Texas</a>, said the county has an acceptable-use policy for its IT solutions. Government users are not allowed to bring software or hardware from home into the county’s IT environment, he said, adding that the county has a “tight vetting system.”</p> <p>If someone is trying to buy an IT service, the request is routed through the county’s enterprise resource planning system. May and the county’s IT business manager review those requests to ensure that any software is on the county’s whitelist and determine whether the county already has such a solution in-house. <strong>“We will literally hold up a purchase order,” </strong>he said.</p> <p>Currently, 21 states and the <a href="https://www.cisecurity.org/ms-isac/" target="_blank">Multi-State Information Sharing and Analysis Center</a> use the “<a href="https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf" target="_blank">Framework for Improving Critical Infrastructure Cybersecurity</a>,” also known as the Cybersecurity Framework, which is managed by the <a href="https://www.nist.gov/" target="_blank">National Institute of Standards and Technology</a>. </p> <p>The framework classifies cybersecurity activities into five major functions: identify, protect, detect, respond and recover. The CSF then provides policies, standards and best practices for organizations to follow as they implement and manage each of those five cybersecurity functions.</p> <p>States also need to <strong>hold voting equipment vendors accountable</strong>, and they should be able to show IT leaders where their solutions are manufactured, who is manufacturing them, and which entities have access to any software that goes into the products.</p> </div> <div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> <a href="/author/karen-j-bannan"><img src="/sites/statetechmagazine.com/files/styles/face_small/public/people/bannan.jpg?itok=AUnlK_-q" width="58" height="58" alt="" typeof="foaf:Image" /> </a> </div> <div class="author-info"> <span>by </span><a rel="author" href="/author/karen-j-bannan"> <div>Karen J. Bannan</div> </a> </div> <div class="author-bio"> <p> <div><p>Karen J. Bannan is a freelance writer and editor who has written for a variety of publications including <em>The New York Times, The Wall Street Journal, Time</em> and <em>CIO.</em></p> </div> </p> </div> </div> </div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> <a href="/author/phil-goldstein"><img src="/sites/statetechmagazine.com/files/styles/face_small/public/people/CoMfravQ_400x400.jpg?itok=W9IAwS8L" width="58" height="58" alt="Phil Goldstein" typeof="foaf:Image" /> </a> </div> <div class="author-info"> <span>by </span><a rel="author" href="/author/phil-goldstein"> <div>Phil Goldstein</div> </a> <a target="_blank" class="twitter" href="https://twitter.com/intent/follow?region=follow_link&amp;screen_name=philgoldstein&amp;tw_p=followbutton&amp;variant=2.0"><span>Twitter</span></a> </div> <div class="author-bio"> <p> <div><p>Phil Goldstein is a web editor for <em>FedTech</em> and <em>BizTech</em>. Besides keeping up with the latest in technology trends, he is also an avid lover of the New York Yankees, poetry, photography, traveling and escaping humidity.</p> </div> </p> </div> </div> </div> </div> Thu, 18 Oct 2018 15:35:49 +0000 phil.goldstein_6191 41621 at https://statetechmagazine.com Voting Machine Security: How State and Local Governments Can Tackle Threats https://statetechmagazine.com/article/2018/10/voting-machine-security-how-state-and-local-governments-can-tackle-threats-perfcon <span>Voting Machine Security: How State and Local Governments Can Tackle Threats</span> <span><span lang="" about="/user/6191" typeof="schema:Person" property="schema:name" datatype="">phil.goldstein_6191</span></span> <span>Wed, 10/17/2018 - 09:22</span> <div><p>With the 2018 midterm election less than three weeks away, it is clear that while <a href="https://statetechmagazine.com/article/2018/09/state-elections-agencies-focus-voting-security-ahead-midterms">state election officials</a> and their <a href="https://statetechmagazine.com/article/2018/07/naco-2018-how-counties-can-secure-their-elections-2018-midterms-loom">counterparts at the county level</a> have taken steps to increase cybersecurity protections ahead of the vote, more needs to be done to enhance voting machine security.</p> <p>States have increased their investments in cybersecurity measures for their election IT systems, including purchases of <strong>multifactor authentication, perimeter sensors, email filtering </strong><strong>and</strong><strong> monitoring, threat scanning, information sharing systems</strong> and more. Yet <a href="https://www.nytimes.com/2018/09/26/magazine/election-security-crisis-midterms.html" target="_blank">as <em>The New York Times </em>points out</a>, many voting machines and the infrastructure used to program them remain vulnerable, and the machines can still be accessed via connections they use to transmit voting totals after the polls close.</p> <p>And, <a href="https://www.cnet.com/news/election-security-is-a-mess-and-the-cleanup-wont-arrive-by-the-midterms/" target="_blank">as CNET notes</a>, many of the election security investments states have made in the wake of the 2016 election <strong>will not materialize in time</strong> to bolster security before Election Day on Nov. 6. </p> <p>There are still measures that state and local governments and election offices can make to enhance voting machine security, both for the midterms and for future elections, according to cybersecurity experts. Government officials can invest in network segmentation tools to cut off voting machines and associated servers from the wider internet and other parts of agencies’ networks. They can also invest in next-generation firewalls and other security services to bolster voting machine security. </p> <p>The stakes could not be higher, as <strong>nothing less than the integrity of democratic elections hangs in the balance</strong>. Malicious actors may have different goals in attacking voting machines and election infrastructure, says Patrick Sullivan, director of security technology and strategy at content delivery network company <a href="https://www.cdwg.com/search/?key=Akamai&amp;ctlgfilter=&amp;searchscope=all&amp;sr=1" target="_blank">Akamai Technologies</a>.</p> <p>They could be targeting voter registration lists to remove citizens from voter rolls, or trying to change voting outcomes, which is more difficult to do. Attackers can also target election websites with denial of service attacks to take the sites offline as voting totals roll in, he says. In the end, though, even if they do not change the outcome, the attacks can create uncertainty and <strong>undermine the elections’ integrity.</strong></p> <p>“All that an adversary needs to do is to increase some level of uncertainty about an election, that is easier to do,” Sullivan says. “Depending on those goals, you have to do more and more to achieve them. If you can compromise or release embarrassing information about a candidate, that undermines the confidence.”</p> <p><a data-entity-type="" data-entity-uuid="" href="https://www.cdw.com/content/cdw/en/orchestration/cyber-security-report.html" target="_blank"><img alt="Cybersecurity_IR_don'tbecome_700x220.jpg" data-entity-type="" data-entity-uuid="" src="/sites/statetechmagazine.com/files/Cybersecurity_IR_don'tbecome_700x220.jpg" /></a></p> <h2 id="toc_0">Network Segmentation Can Enhance Security for Voting Machines</h2> <p>Sullivan notes that “anything that is online carries with it some level of risk,” and that <strong>network segmentation</strong> — the process of splitting a computer network into subnetworks, each of which is a segment —is “critical” when it comes to <strong>voting machine security</strong>.</p> <p>Glenn Angstadt, CIO of <a href="https://www.chesco.org/" target="_blank">Chester County, Pa.</a>, said earlier this year at the National Association of Counties’ 83rd Annual Conference and Exposition that a key piece of election security is separating — or <strong>“air-gapping” </strong>— critical infrastructure from the public internet. He noted that the county has a setup of four workstations and one server for counting election votes, and those systems are not accessible except from a local network.</p> <p>Chester County does need connectivity to the internet to connect with <a href="http://www.dos.pa.gov/Pages/default.aspx" target="_blank">the Pennsylvania Secretary of State’s office</a>, Angstadt said. The county has developed a “high-technology thumb drive” that staff plug into the Election Staff Management System server to extract information, and then plug into an internet-connected device that is used one time to transmit the data. The drives are then disposed of, so “after that, nothing else is getting back into the voting processing system.”</p> <p>“If you look at the pattern of breaches, seldom does the attacker land on the device with the crown jewel of data they want to compromise,” Sullivan adds.</p> <p>“There is almost always some element of lateral movement,” as attackers target agency employees with phishing and social engineering tactics, get a foothold on a laptop and move across internal networks from there, he says. Network segmentation makes it more difficult to move from that initial target to other parts of the network and compromise voting machines connected to internal servers.</p> <p>Karen Scarfone, the principal consultant for <a href="http://www.scarfonecybersecurity.com/" target="_blank">Scarfone Cybersecurity</a> (and <a href="https://statetechmagazine.com/author/karen-scarfone">a <em>StateTech</em> contributor</a>), says that <strong>network segmentation “is a valuable technique for protecting devices with different security postures.”</strong></p> <p>Voting machines should be on physically or logically separate network segments used for voting machines only, according to Scarfone, and <strong>next-generation firewalls</strong> “should be used at segment boundaries and configured to allow only the network traffic that is required.”</p> <p>“By doing this, the voting machines are mostly isolated from all other devices, and this greatly reduces the opportunities for attackers to reach them,” Scarfone adds. “It also makes it much easier to monitor the network activity for just the voting machines and find anomalies. Network segmentation is a cost-effective technique for protecting voting machines.”</p> <p>Sullivan said that Akamai sees network segmentation for voting machine security as “a half step to where you ultimately want to go,” which is <strong>zero-trust networks</strong>. Such architectures dissolve the elements of trust entirely; rather than having a group of different network segments, it assumes there is no trusted internal network segment. Any device connecting to a network asset must be verified. As <a href="https://www.cdwg.com/content/cdwg/en/brand/paloalto.html" target="_blank">Palo Alto Networks</a> notes in <a href="https://www.paloaltonetworks.com/cyberpedia/what-is-a-zero-trust-architecture" target="_blank">a post on its website</a>, under zero-trust, organizations adopt a least-privileged access strategy and strictly enforce access control.</p> <p>Election authorities are unlikely to implement a zero-trust architecture for this election cycle, Sullivan says, since it can be <a href="https://www.csoonline.com/article/3287057/network-security/what-it-takes-to-build-a-zero-trust-network.html" target="_blank">difficult to set up</a>, but should do so as a long-term solution.</p> <p><strong><a href="https://statetechmagazine.com/article/2018/09/how-state-elections-agencies-have-worked-secure-voting" target="_blank"><em>MORE FROM STATETECH: </em></a></strong><a href="https://statetechmagazine.com/article/2018/09/how-state-elections-agencies-have-worked-secure-voting" target="_blank"><em>Find out what state election officials have done to secure the vote! </em></a></p> <h2 id="toc_1">Next-Generation Firewall Protection for Voting Machines</h2> <p><strong>Next-generation firewalls</strong> also provide an avenue for agencies to protect voting machines.</p> <p>As Jesse Wiener, an inside solutions architect for CDW’s security practice, <a href="https://blog.cdw.com/security/benefits-next-generation-firewalls-extend-beyond-security" target="_blank">notes in a CDW blog post</a>, next-gen firewalls have features such as user identification, URL filtering, intrusion prevention systems, malware prevention and application identity and control.</p> <p>IT security admins can use NGFWs to ensure that only the traffic that needs to pass to and from voting machines does so. </p> <p>“Today’s best next-generation firewalls provide security beyond the perimeter, incorporating web application firewalls and internal segmentation firewalls to drive security deep into the network,” Jeff Jennings, national SLED practice director at <a href="https://www.cdwg.com/content/cdwg/en/brand/fortinet.html" target="_blank">Fortinet</a>, writes <a href="https://gcn.com/articles/2018/09/10/election-security-investments.aspx" target="_blank">in <em>GCN</em></a>. “This ensures government networks protect applications and secure networked resources across the distributed network, even into the cloud, while<strong> isolating sensitive voter information as it moves across the network</strong>.”</p> <p>One of the unique challenges with elections, Sullivan says, is that like Super Bowl Sunday, the event involves spinning up a lot of infrastructure for a short period of time and then shutting it down. N<strong>ext-gen firewalls need to be installed </strong>and can require a “pretty heavy learning curve” on election agency IT teams, which might not have security specialists, Sullivan says.</p> <p><a href="https://statetechmagazine.com/article/2018/09/why-your-state-should-join-21-use-nist-cybersecurity-framework" target="_blank"><em><strong>MORE FROM STATETECH: </strong>Discover why your state should use the NIST Cybersecurity Framework! </em></a></p> <h2 id="toc_2">How Governments Can Secure Voting Machines Now</h2> <p>Given that architectural changes may take longer to implement, Sullivan says election agencies can turn to <strong>cloud-based security services</strong> that can be spun up just for the election and immediate aftermath, and for things like testing and normalizing network traffic.</p> <p>Through the end of the 2018 election cycle, Akamai is providing its <a href="https://blogs.akamai.com/2018/05/election-readiness-2018.html" target="_blank">Enterprise Threat Protector with Akamai Cloud Security Intelligence</a> service to election agencies on a pro bono basis. The service looks at the Domain Name System protocol requests for election sites and compares those requests to the intelligence Akamai has gathered by looking at trillions of such requests per day to determine if it is benign.</p> <p>The service is also designed to protect election agencies from phishing attacks, provide data protection, and<strong> guard against malware accessing external command and control servers to tamper with election data</strong>.</p> <p>Other companies are also offering cloud-based security tools to election officials. <a href="https://www.cdwg.com/content/cdwg/en/brand/mcafee.html" target="_blank">McAfee</a>, via its Skyhigh Networks unit, <a href="https://www.skyhighnetworks.com/cloud-security-blog/mcafee-announces-mcafee-cloud-for-secure-elections/" target="_blank">announced in August</a> that it would offer 12 months of free cloud-based free security services to election offices in all 50 states. The offering, McAfee Skyhigh Security Cloud, provides state election officials with a no-cost data security, monitoring, auditing, and remediation solution for their Infrastructure as a Service and Software as a Service environments.  </p> <p>Sullivan called the threats to elections “very real,” but said the flip side is that increased awareness of the threat has led to greater security enhancements. “We’re in a much better spot now,” he says.</p> </div> <div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> <a href="/author/phil-goldstein"><img src="/sites/statetechmagazine.com/files/styles/face_small/public/people/CoMfravQ_400x400.jpg?itok=W9IAwS8L" width="58" height="58" alt="Phil Goldstein" typeof="foaf:Image" /> </a> </div> <div class="author-info"> <span>by </span><a rel="author" href="/author/phil-goldstein"> <div>Phil Goldstein</div> </a> <a target="_blank" class="twitter" href="https://twitter.com/intent/follow?region=follow_link&amp;screen_name=philgoldstein&amp;tw_p=followbutton&amp;variant=2.0"><span>Twitter</span></a> </div> <div class="author-bio"> <p> <div><p>Phil Goldstein is a web editor for <em>FedTech</em> and <em>BizTech</em>. Besides keeping up with the latest in technology trends, he is also an avid lover of the New York Yankees, poetry, photography, traveling and escaping humidity.</p> </div> </p> </div> </div> </div> </div> Wed, 17 Oct 2018 13:22:04 +0000 phil.goldstein_6191 41611 at https://statetechmagazine.com What Massachusetts Can Do to Combat IoT Security Threats https://statetechmagazine.com/article/2018/10/what-massachusetts-can-do-combat-iot-security-threats <span>What Massachusetts Can Do to Combat IoT Security Threats</span> <span><span lang="" about="/user/6191" typeof="schema:Person" property="schema:name" datatype="">phil.goldstein_6191</span></span> <span>Tue, 10/16/2018 - 12:07</span> <div><p>The security of Internet of Things devices and systems is a concern at <a href="https://statetechmagazine.com/article/2018/06/internet-things-security-concerns-cities-field-solutions-new-challenges-perfcon">both the city</a> and <a href="https://statetechmagazine.com/article/2018/05/3-tips-secure-internet-things-smart-states">state level</a>. IoT devices are increasingly being used in <a href="https://fedtechmagazine.com/article/2018/09/what-feds-can-do-guard-against-ddos-attacks-and-botnet-threat-perfcon" target="_blank">botnet attacks to take down computer networks</a>. For the Commonwealth of Massachusetts, the threat is real and needs to be addressed. </p> <p>Last month, Massachusetts State Auditor Suzanne Bump <a href="https://www.mass.gov/files/documents/2018/09/05/201780234t.pdf" target="_blank">released a report</a> that summarized how the state’s agencies currently use and think about IoT and the risks associated with it. While state agencies are using IoT and see its benefits, a plurality also <strong>voiced concerns that IoT risk cannot currently be effectively managed</strong>. </p> <p>The report makes clear that Massachusetts must take steps to bolster its IoT security, including <strong>improving information security policies, standards </strong><strong>and</strong><strong> guidelines</strong>. The report also says the state needs to <strong>create an information security incident response plan</strong> and connect IoT devices to the Commonwealth network with the involvement of the Commonwealth’s CIO or a designee.</p> <p>“As IoT technology becomes increasingly ubiquitous, state government has a choice: it can lead by proactively securing these devices and developing a comprehensive approach to ensure agencies are effectively protected when leveraging these tools, or it can react to challenges and threats when they are at an agency’s doorstep,” <a href="https://www.mass.gov/news/audit-shows-need-for-greater-focus-on-effective-adoption-of-internet-of-things-technology" target="_blank">Bump said in a statement</a>. “As the Commonwealth continues to take measures to improve its IT operations and security, the opportunities and threats presented by IoT devices must be a part of that strategy.” </p> <p><a href="https://statetechmagazine.com/resources/white-paper/managing-cyber-risks-public-sector-environment" target="_blank"><em><strong>DOWNLOAD: </strong>Discover how to enhance your agency's cybersecurity in this white paper!</em></a></p> <h2 id="toc_0">Massachusetts Uses IoT in Smart Buildings, Hospitals and on Highways</h2> <p>To gain a better understanding of the current use of IoT devices by state agencies, the Office of the State Auditor conducted a survey of <strong>84 </strong>state agencies, <strong>28</strong> of which responded. </p> <p>The purpose of the survey, which examined the period of July 1, 2016, through March 31, 2017, was to determine the current and future plans for deploying IoT devices in the state, the types of IoT devices deployed, the ways IT devices are connected to networks, the ways IoT devices are used, and agencies’ perspectives on the benefits and risks of IoT technology.</p> <p>Among other use cases, IoT is used in smart building management, in cameras and sensors at highway tolls, via GPS systems on <a href="https://www.mbta.com/" target="_blank">Massachusetts Bay Transportation Authority</a> trains and in patient-monitoring systems in hospitals. </p> <p>Notably, the report found that while a <strong>68 percent </strong>of respondents believe that the IoT has enabled their agencies to manage specific activities more efficiently, <strong>43 percent </strong>believe that the IoT “is in its infancy and the risk of adopting IoT devices is greater than the benefits.” Further, <strong>46 percen</strong>t of respondents “believe that IoT risks cannot be managed effectively and efficiently by current controls.”</p> <p>The finding on risk versus benefit “seemed like a clear call from those agencies that they needed some guidance and some help,” OSA’s Director of Communications Michael Wessler <a href="http://www.govtech.com/computing/Massachusetts-Auditor-Faults-State-IoT-Adoption-Practices.html" target="_blank">tells <em>Government Technology</em></a>. </p> <p><strong><a href="​​​​​​https://www.cdw.com/content/cdw/en/orchestration/digital-transformation-report.html" target="_blank"><em>DOWNLOAD: </em></a></strong><a href="​​​​​​https://www.cdw.com/content/cdw/en/orchestration/digital-transformation-report.html" target="_blank"><em>Find out how your state can achieve digital transformation in this CDW Insight Report! </em></a></p> <h2 id="toc_1">How Massachusetts Can Enhance IoT Cybersecurity</h2> <p>To determine he risks associated with the state’s use of IoT, the state auditor’s office reviewed the applicable network security controls in the Massachusetts Access to Government Network system that were intended to safeguard against potential security vulnerabilities of IoT devices and related information system resources. The office also examined the problem management and patch management processes for IoT devices and related IT resources</p> <p>The office also looked at the procurement and project management methodology for the <a href="https://www.mass.gov/news/baker-polito-administration-announces-investment-in-commonwealth-building-energy-intelligence" target="_blank">Commonwealth Building Energy Intelligence Program</a> and determined whether cybersecurity risks were properly mitigated. Additionally, the office reviewed the IoT vendor selection and vendor relationship management processes, as well as the availability of state data upon the termination of a relationship with a vendor. </p> <p>According to the report, the state’s Enterprise Information Security Policy <strong>does not provide guidance to state agencies regarding the IoT.</strong> Specifically, “it lacks controls to ensure that a minimum level of security is provided throughout the Commonwealth for the IoT, as well as optional control recommendations based on industry best practices, like those of the National Institute of Standards and Technology.” </p> <p>Without adequate administration through policies, standards and guidelines around IoT, the state “may be subject to security <strong>vulnerabilities that could affect its operations, safety, and privacy,</strong>” the report says. The report says the state CIO’s office should “establish detailed policies, procedures, and standards regarding the connection, use, and security of IoT devices.” </p> <p>The state’s <a href="https://www.mass.gov/orgs/executive-office-of-technology-services-and-security" target="_blank">Executive Office of Technology Services and Security</a> is in the process of developing new policies, procedures and standards, but says that many of the security controls required to mitigate and counter IoT-based attacks were already fundamental to the existing network security, access controls, and other well-established security areas.</p> <p>The report says EOTSS does not have a documented incident response plan, and it needs one, since “such a plan would establish specific procedures EOTSS would follow to respond to and<strong> resolve any detected incidents</strong> affecting the security of the Commonwealth’s IT <strong>hardware, software, and data related to IoT devices</strong>.” </p> <p>Without an incident response plan, the state “has inadequate assurance that it can effectively respond to and minimize the risk of cyberattacks when they happen.”</p> <p>The report also found that the state’s Division of Capital Asset Management and Maintenance procured the contract for a project that involved connecting IoT devices to the MAGNet without involving the state CIO’s office. Since the CIO’s office was not given the opportunity to participate in the project, “there is inadequate assurance that the connected devices were properly connected, and there is an increased network security risk that IoT devices will be exposed to cyberattacks,” the report says. </p> <p>EOTSS should implement a policy to ensure that all state agencies considering undertaking any projects related to MAGNet <strong>contact the state CIO’s office and learn whether it should be involved</strong> in supervising the projects, the report advises.</p> <p><a data-entity-type="" data-entity-uuid="" href="https://www.cdw.com/content/cdw/en/orchestration/cyber-security-report.html" target="_blank"><img alt="Cybersecurity-report_HowStrong%20(2)_0.jpg" data-entity-type="" data-entity-uuid="" src="/sites/statetechmagazine.com/files/Cybersecurity-report_HowStrong%20(2)_0.jpg" /></a></p> </div> <div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> <a href="/author/phil-goldstein"><img src="/sites/statetechmagazine.com/files/styles/face_small/public/people/CoMfravQ_400x400.jpg?itok=W9IAwS8L" width="58" height="58" alt="Phil Goldstein" typeof="foaf:Image" /> </a> </div> <div class="author-info"> <span>by </span><a rel="author" href="/author/phil-goldstein"> <div>Phil Goldstein</div> </a> <a target="_blank" class="twitter" href="https://twitter.com/intent/follow?region=follow_link&amp;screen_name=philgoldstein&amp;tw_p=followbutton&amp;variant=2.0"><span>Twitter</span></a> </div> <div class="author-bio"> <p> <div><p>Phil Goldstein is a web editor for <em>FedTech</em> and <em>BizTech</em>. Besides keeping up with the latest in technology trends, he is also an avid lover of the New York Yankees, poetry, photography, traveling and escaping humidity.</p> </div> </p> </div> </div> </div> </div> Tue, 16 Oct 2018 16:07:54 +0000 phil.goldstein_6191 41606 at https://statetechmagazine.com How Companies Think About Smart City Technology and Improving Metropolitan Living https://statetechmagazine.com/article/2018/10/how-companies-think-about-smart-city-technology-and-improving-metropolitan-living <span>How Companies Think About Smart City Technology and Improving Metropolitan Living</span> <span><span lang="" about="/user/6191" typeof="schema:Person" property="schema:name" datatype="">phil.goldstein_6191</span></span> <span>Mon, 10/15/2018 - 10:10</span> <div><p>Technology has the ability to make living in a city safer, more efficient and more enjoyable. Major companies involved in smart city innovations — like <a href="https://www.cdwg.com/content/cdwg/en/brand/cisco.html" target="_blank">Cisco</a> and <a href="https://www.cdwg.com/content/cdwg/en/brand/panasonic.html" target="_blank">Panasonic</a> — produce technologies that do just that.</p> <p><a href="https://statetechmagazine.com/article/2017/10/las-vegas-taps-smart-city-initiatives-improve-mobility-quality-life">Take Las Vegas, Nev.</a>, where officials teamed up with Cisco to help reduce pedestrian deaths in crosswalks. Through <a href="https://www.cisco.com/c/en/us/solutions/industries/smart-connected-communities/kinetic-for-cities.html" target="_blank">Cisco Kinetic for Cities</a>, city leaders access <strong>real-time IoT device and sensor data securely, quickly and efficiently</strong>. The platform aggregates data from multiple sources, including sensors, mobile devices and cameras, says Britt Norwood, Cisco’s vice president for state, local and education business for the western part of the United States.</p> <p>Among other things, the city uses Cisco Kinetic for Cities to help reduce traffic congestion and to curb pedestrian accidents.</p> <p>Cisco Kinetic for Cities already helps city leaders make crossing the city’s busy streets safer, and provides them the ability to make real-time decisions about the flow of traffic in Las Vegas, Norwood says.</p> <p><strong>“It’s not just about the technology; it’s about making people’s lives much better,” </strong>he says.</p> <p>In Albuquerque, N.M., <a href="https://www.smartcitiesworld.net/news/news/albuquerque-embarks-on-unique-plan-to-relight-city-2332" target="_blank">another smart city that partners with Cisco</a>, officials seek to replace traditional streetlights through the Cisco Kinetic for Cities platform.</p> <p>The project will help improve public safety while making lighting more efficient — and cost-effective, Norwood says.</p> <p>“The data is everywhere in cities,” he says. “Using Cisco’s technology bridges that data together… and lets public officials make really intelligent decisions based on that.”</p> <p><a href="https://statetechmagazine.com/article/2018/10/8-smart-cities-watch" target="_blank"><em><b>MORE FROM STATETECH: </b>Discover why these eight cities are the smart cities to watch! </em></a></p> <h2 id="toc_0">Panasonic Takes Smart City Plans to the Next Level</h2> <p>But it takes more than technology to make a smart city a success, says George Karayannis, vice president of <a href="https://na.panasonic.com/us/smart-city-solutions-0" target="_blank">CityNOW</a> for the Panasonic Corporation of North America.</p> <p>“Technology is only an enabler,” he says.</p> <p>The secret sauce is to <strong>align all stakeholders</strong> — including government leaders, transportation and utility leads — to <strong>define collective goals that can only be achieved through collaboration</strong>, Karayannis says.</p> <p>Panasonic did that at <a href="https://www.penastationnext.com/" target="_blank">Pena Station NEXT</a>, a 400-acre, mixed-use, transit-oriented development in Denver, Colo. The public-private partnership offers a living lab for stakeholders where they can understand and interact with the technology firsthand. Panasonic has built a 20,000-square-foot model “mini city” in a building that includes a sports and entertainment district, a commercial business district and a mobility district to help stakeholders achieve a shared baseline of knowledge of the costs, benefits and underlying technology of practically any smart city application.</p> <p>Technologies deployed at Pena Station NEXT include a portfolio microgrid, connected mobility, autonomous shuttles, community Wi-Fi, <strong>smart streetlights, public-safety cameras, digital signage, smart parking </strong><strong>and</strong><strong> environmental sensing</strong>.</p> <p><a href="https://www.cdw.com/content/cdw/en/orchestration/digital-transformation-report.html" target="_blank"><em><strong>DOWNLOAD: </strong>Find out how your city can achieve digital transformation in this CDW Insight Report! </em></a></p> <h2 id="toc_1">City Leaders Drive the Future of Smart City Innovation</h2> <p>The future of smart city implementations looks increasingly positive as city leaders adopt a “Smart City 2.0” mentality, Karayannis says.</p> <p>“Smart Cities 1.0 was mostly vendor-led, and as a result, it was mostly about shiny stuff they could sell,” he says. “Smart Cities 2.0 is more about<strong> process improvement, enabled by technology</strong>. This is a subtle but critical distinction.”</p> <p>Stakeholder alignment will be a key piece of this next step. “We believe the future of successful smart city implementations is stakeholder alignment, which unlocks the public-private partnership opportunities, which then lead to impactful projects,” Karayannis says.</p> <p>Looking forward, smart cities have<strong> a lot of room to grow in the transportation space</strong>, Cisco’s Norwood says.</p> <p>With <strong>40,000 </strong>vehicle crashes annually, there clearly is a problem with roadways — one that smart technology can help to solve. Cities may adopt technology that can tie together various data in real time. Using data from fog sensors and connecting those sensors to roadway signs can indicate a gate is closed due to fog, for example, Norwood says.</p> <p>This focus will make roadways safer and also offer the added benefit of cutting down on traffic, he says.</p> </div> <div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> </div> <div class="author-info"> <span>by </span><a rel="author" href="/author/erin-cunningham"> <div>Erin Cunningham</div> </a> </div> <div class="author-bio"> <p> <div><p>Erin Cunningham is a writer and editor based in Maryland with experience writing about state and local government, education, technology and more.</p> </div> </p> </div> </div> </div> </div> Mon, 15 Oct 2018 14:10:47 +0000 phil.goldstein_6191 41581 at https://statetechmagazine.com Drones Increasingly Get Ahead of Disaster Damage https://statetechmagazine.com/article/2018/10/drones-increasingly-get-ahead-disaster-damage <span>Drones Increasingly Get Ahead of Disaster Damage</span> <span><span lang="" about="/user/6191" typeof="schema:Person" property="schema:name" datatype="">phil.goldstein_6191</span></span> <span>Fri, 10/12/2018 - 09:07</span> <div><p>Immediately after Hurricane Florence hit the East Coast of the United States, drones were in the air, surveying the damage. In Wilmington, N.C., for example, a news drone <strong>tracked floodwaters as the hurricane moved through the state</strong> in <a href="https://abc11.com/weather/drone-view-hurricane-floods-wilmington-with-2-feet-of-rain/4265379/" target="_blank">reports from WTVD 11 Eyewitness News</a>. </p> <p>Several years ago, drones began appearing in emergency response situations, conducting surveillance and assessing damage. Today, utilities use drones regularly. <strong>Every agency involved in disaster responses may somehow deploy a drone as a primary tool</strong>, whether for damage assessment, search and rescue, overall surveillance and more. </p> <p>During the approach of Hurricane Florence in September, authorities <strong>alerted more than one million people and advised them to evacuate their homes</strong>. Drones gathered data for damage reports caused by the hurricane, which informed citizens when they might return home, <a href="https://www.wired.com/story/hurricane-florence-drone-recovery/" target="_blank">reports <em>Wired</em></a>. </p> <p>“Utilities are spelling out where they have vulnerable, infrastructure-like long power lines. The company is also pulling together pre-event data: ‘before’ pictures to contrast with the ‘after,’” according to <em>Wired</em>. “Getting those ‘after’ images is the challenge. No aircraft can fly in the storm itself, and even when it passes, they have to get into place to start work.”</p> <p><strong><a href="https://statetechmagazine.com/article/2018/09/mobile-communications-centers-help-public-safety-agencies-link" target="_blank"><em>MORE FROM STATETECH: </em></a></strong><a href="https://statetechmagazine.com/article/2018/09/mobile-communications-centers-help-public-safety-agencies-link" target="_blank"><em>See how counties are using mobile communications centers to respond to emergencies! </em></a></p> <h2 id="toc_0">Drones Help Restore Power, Ensure Clean Water</h2> <p>Facing Hurricane Florence, Edison Electric Institute, an industry group coordinating utility recovery efforts, tracked the recruitment of at least <strong>53 drone teams</strong> to identify and fix damage from the storm. Each team fielded more than one drone and collectively about <strong>100-160 operators</strong> flew the drones, <a href="http://fortune.com/2018/09/15/hurricane-florence-power-outages-drones/" target="_blank">according to <em>Fortune</em></a>.</p> <p>The drones can <strong>assess damage quickly and pinpoint trouble spots</strong> in places where it may be dangerous for people to venture. Companies like Duke Energy and Southern Company deployed drones with infrared and high-zoom sensors that can inspect substations, locate malfunctioning solar panels and help to restring power lines, according to Fortune.</p> <p>When Hurricane Harvey flooded Houston in 2017, CenterPoint Energy assessed a damaged substation and built a backup. To assess damage, the energy company turned to <a href="https://www.cdwg.com/content/cdwg/en/brand/ibm.html" target="_blank">IBM</a>. Drones “can also be used to check hospital generators or alert residents if the local hardware store is open to get supplies,” Chris Behme, an energy and utilities partner at IBM, tells <em>Fortune</em>.</p> <p>The Long Island branch of the Public Service Enterprise Group has deployed drones to examine substations as well as transmission and distribution systems. John O’Connell, vice president of transmission and distribution operations at PSEG Long Island, tells <a href="https://unmanned-aerial.com/drones-helping-long-island-utility-keep-the-lights-on" target="_blank">Unmanned Aerial Online</a>, “Compared to using helicopters or ground-based observation, <strong>UAVs give us better data on the electric system, which directly improves system reliability and employee safety</strong>.”</p> <p>The eruption of the Kilauea volcano in Hawaii came with bursts of lava up to 160 feet high, destroying more than 700 homes and forcing the evacuation of more than 2,000 people, <a href="https://www.reuters.com/article/us-usa-disaster-volcano/sleeping-giants-hawaii-eruption-reverberates-in-us-northwest-idUSKCN1MC15L" target="_blank">reports Reuters</a>.</p> <p>Drone operators went into “24/7 disaster mode,” surveying the volcanoes with drones and other tools. Data collected by the drones helped to advise scientists as to what the effects of a volcano eruption on the mainland might be.</p> <p>According to Reuters, “Water and electric utilities wanted to know if the plumes of fine ash would affect water quality, and how they might interfere with transmission lines.” Damage assessments from Hawaii could predict future trends.</p> <h2 id="toc_1">Potential Future Benefits of Drone Surveillance in Disasters</h2> <p>In the future, drones will do even more to assist with disaster response and recovery. <a href="https://www.curbed.com/2018/9/27/17909338/mud-spraying-drones-emergency-shelter" target="_blank">Curbed reports</a> architect Stephanie Chaltiel recently demonstrated a prototype drone that<strong> builds a mud shelter for use in an emergency</strong>. Emergency responders can set up lightweight wooden frames and cover them with burlap. The drone then covers the structure in mud, providing occupants with protection from the elements.</p> <p>Meanwhile, IBM applied for a patent for technology to track drone flights through <strong>a blockchain ledger</strong>, according to Coingeek. </p> <p>“The goal, according to the patent application, is to ensure that airspace controllers, regulatory bodies and even UAV owners can <strong>check and supervise the rising number of drones in the sky</strong>,” <a href="https://coingeek.com/ibm-files-patent-blockchain-based-drone-fleet-security/" target="_blank">the report says</a>.</p> <p>As major storms become more costly — <a href="https://www.cbsnews.com/news/hurricane-florence-could-be-costliest-hurricane-ever-to-hit-the-u-s/" target="_blank">at $170 billion in damages</a>, Hurricane Florence may be the most expensive storm in U.S. history — innovators will continue to find ways in which relatively inexpensive drones can mitigate potential disasters.</p> <p><em>This article is part of </em>StateTech<em>'s <a href="https://statetechmagazine.com/citizen">CITizen blog series</a>. Please join the discussion on Twitter by using the <a href="https://twitter.com/hashtag/statelocalIT?f=tweets">#StateLocalIT</a> hashtag.</em></p> <p><em><a data-entity-type="" data-entity-uuid="" href="https://statetechmagazine.com/citizen"><img alt="CITizen_blog_cropped_0.jpg" data-entity-type="" data-entity-uuid="" src="https://statetechmagazine.com/sites/statetechmagazine.com/files/CITizen_blog_cropped_0.jpg" /></a></em></p> </div> <div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> <a href="/author/matt-parnofiello"><img src="/sites/statetechmagazine.com/files/styles/face_small/public/people/mattparnofiello.jpg?itok=qLJ1LYCA" width="58" height="58" alt="Matt Parnofiello" typeof="foaf:Image" /> </a> </div> <div class="author-info"> <span>by </span><a rel="author" href="/author/matt-parnofiello"> <div>Matt Parnofiello</div> </a> </div> <div class="author-bio"> <p> <div><p>In his role as Senior Business Development Strategist and Senior Public Safety Strategist at CDW•G, Matt Parnofiello manages technology integration projects with public safety agencies from concept to implementation. Working with the CDW•G team, customers, and industry partners he provides agencies with new capabilities and improved safety through digital transformation.</p> </div> </p> </div> </div> </div> </div> Fri, 12 Oct 2018 13:07:16 +0000 phil.goldstein_6191 41576 at https://statetechmagazine.com Port of San Diego Continues to Recover from Ransomware Attack https://statetechmagazine.com/article/2018/10/port-san-diego-continues-recover-ransomware-attack <span>Port of San Diego Continues to Recover from Ransomware Attack </span> <span><span lang="" about="/user/6191" typeof="schema:Person" property="schema:name" datatype="">phil.goldstein_6191</span></span> <span>Thu, 10/11/2018 - 12:20</span> <div><p>The Port of San Diego, which <a href="https://www.portofsandiego.org/press-releases/general-press-releases/port-san-diego-releases-additional-information-cybersecurity" target="_blank">disclosed late last month</a> that it had suffered from a ransomware attack on Sept. 25, continues to recover from the attack. </p> <p>The port has continued to operate, but some computer and IT systems remained offline as of last week, <a href="http://www.sandiegouniontribune.com/business/technology/sd-fi-port-update-20181004-story.html" target="_blank">according to <em>The San Diego Union-Tribune</em></a>. The port is working with state, local, regional, state and federal experts to restore its systems, the newspaper reports, and the FBI and Department of Homeland Security are part of the investigation.</p> <p>While the port has not been totally crippled, the attack highlights the <strong>continuing threat of ransomware</strong>, especially since it came shortly after an attack struck the Port of Barcelona, <a href="https://www.zdnet.com/article/port-of-san-diego-suffers-cyber-attack-second-port-in-a-week-after-barcelona/" target="_blank">as ZDNet reports</a>. The attack also underscores the need for all state and local government organizations to <strong>take the necessary precautions to guard against and mitigate ransomware attacks</strong>. </p> <p><a href="https://statetechmagazine.com/article/2018/09/why-states-may-find-appeal-proactive-threat-hunting" target="_blank"><em><strong>MORE FROM STATETECH: </strong>Find out why proactive threat hunting appeals to state IT pros! </em></a></p> <h2 id="toc_0">Port of San Diego Suffers a Cyberattack</h2> <p>The Port of San Diego disclosed on Sept. 27 that it has first reported an incident on Sept. 25 that disrupted the agency’s IT systems. The port noted that the issue is <strong>“mainly an administrative issue”</strong> and normal port operations were continuing as usual. </p> <p>“The Port remains open, public safety operations are ongoing, and ships and boats continue to access the Bay without impacts from the cybersecurity incident,” Port of San Diego CEO Randa Coniglio said in a statement.</p> <p>Coniglio noted that, while <strong>some of the port’s IT systems were compromised by the attack</strong>, port staff also “proactively shut down other systems out of an abundance of caution.” </p> <p>The ransom note the port received requested payment in bitcoin, although the amount that was requested is not being disclosed. <strong>Park permits cannot be accepted online, and public records requests are taking longer to process</strong>, according to the <em>Union-Tribune</em>.</p> <p><a data-entity-type="" data-entity-uuid="" href="https://www.cdw.com/content/cdw/en/orchestration/cyber-security-report.html" target="_blank" title="CDW Cybersecurity Insight Report"><img alt="Cybersecurity-report_EasyTarget.jpg" data-entity-type="" data-entity-uuid="" src="https://biztechmagazine.com/sites/biztechmagazine.com/files/uploads/Cybersecurity-report_EasyTarget.jpg" /></a></p> <h2 id="toc_1">Why It’s Important to Guard Against Ransomware</h2> <p>It can take a long time to repair IT systems and computers infected by ransomware, and doing so sometimes requires manually disinfecting hard drives and reconfiguring systems. </p> <p>“There is <strong>a lot of triage and analysis work you need to do in a recovery operation</strong>,” Stephen Cobb, a researcher with internet security software firm ESET, told the <em>Union-Tribune</em>. “It is a tedious process.”</p> <p>Ransomware is spread not only via emails but in malware hidden in advertising, too. Attackers are also downloading kits that let them easily deploy ransomware, a practice known as Ransomware as a Service.</p> <p>To help mitigate these risks, organizations should <strong>deploy a multilayered security program</strong> in order to prevent the intrusion of malware and allow for quick recovery in case an attack is not stopped, says Darius Goodall, director of product marketing at <a href="https://www.cdwg.com/content/cdwg/en/brand/barracuda.html" target="_blank">Barracuda Networks</a>.</p> <p>Goodall notes that, while detection and mitigation is key, there are instances when ransomware attacks succeed. That is why it is critical for organizations to back up their data. </p> <p>“If data backup is not in place, there are a few steps one can take,” Goodall says. “First, <strong>find out what type of ransomware it is</strong>, e.g. encryption, screen-locking, etc. From there, you can see if you’re still able to access files, especially from another location, like a mobile device. If so, then the ransomware is likely fake.”</p> <p>If the attack is encryption or screen-locking, IT administrators should <strong>disconnect from their network and use anti-malware or anti-virus software</strong> to clean the ransomware and use a data recovery tool to help find those deleted files that are often trashed once ransomware encrypts new copies, Goodall says. </p> <p>“It’s critical for organizations to continually test backup and recovery processes while also backing up copies of data at multiple locations,” he adds. “This ensures data has a life somewhere else if compromised”</p> <p>Like many other security pros, Goodall also strongly recommends <strong>never negotiating with hackers</strong> since there is no guarantee organizations will get their data back. He notes that this is “tough advice to follow when critical data is involved, but ultimately, the real challenge many organizations face is implementing the security measures necessary to prevent your organization from ever finding itself in the position in the first place.”</p> </div> <div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> <a href="/author/phil-goldstein"><img src="/sites/statetechmagazine.com/files/styles/face_small/public/people/CoMfravQ_400x400.jpg?itok=W9IAwS8L" width="58" height="58" alt="Phil Goldstein" typeof="foaf:Image" /> </a> </div> <div class="author-info"> <span>by </span><a rel="author" href="/author/phil-goldstein"> <div>Phil Goldstein</div> </a> <a target="_blank" class="twitter" href="https://twitter.com/intent/follow?region=follow_link&amp;screen_name=philgoldstein&amp;tw_p=followbutton&amp;variant=2.0"><span>Twitter</span></a> </div> <div class="author-bio"> <p> <div><p>Phil Goldstein is a web editor for <em>FedTech</em> and <em>BizTech</em>. Besides keeping up with the latest in technology trends, he is also an avid lover of the New York Yankees, poetry, photography, traveling and escaping humidity.</p> </div> </p> </div> </div> </div> </div> Thu, 11 Oct 2018 16:20:28 +0000 phil.goldstein_6191 41571 at https://statetechmagazine.com Smart Cities Week 2018: 3 Key Takeaways for Smart City Leaders https://statetechmagazine.com/article/2018/10/smart-cities-week-2018-3-key-takeaways-smart-city-leaders <span>Smart Cities Week 2018: 3 Key Takeaways for Smart City Leaders</span> <span><span lang="" about="/user/6191" typeof="schema:Person" property="schema:name" datatype="">phil.goldstein_6191</span></span> <span>Wed, 10/10/2018 - 11:47</span> <div><p>Smart cities are popping up everywhere, and there are <a href="https://statetechmagazine.com/article/2018/10/8-smart-cities-watch-2018">several that are worth keeping an eye on</a>. But the proliferation of smart cities — and of technologies that purportedly will help cities become “smart” in the first place — can sometimes make it hard for civic leaders and city IT managers to keep track of some basic things. What is a smart city? What should a city be doing to be smarter? </p> <p>At the <a href="https://www.smartcitiesweek.com/2018-washington/" target="_blank">Smart Cities Week 2018 conference</a> in Washington, D.C., held from Oct. 2-4, city IT leaders from different parts of the country, and even a few from Canada, offered their thoughts on how their peers can <strong>chart a path forward and make their cities more innovative and responsive to residents’ needs</strong>. </p> <p>Here are <strong>three key takeaways</strong> from the conference to bear in mind when moving ahead on smart city projects. (And for all of <em>StateTech</em>’s coverage of Smart Cities Week 2018, <a href="https://statetechmagazine.com/smart-cities-week-2018">click here</a>.)</p> <p><a href="https://statetechmagazine.com/article/2018/10/8-smart-cities-watch" target="_blank"><strong><em>MORE FROM STATETECH: </em></strong><em>Find out why these eight smart cities are ones to watch!</em></a></p> <h2 id="toc_0">1. Smart Cities Require New Ways of Thinking from Leaders</h2> <p>One clear lesson from the conference is that for cities to become smarter, they will need to rethink how they do business, fund IT projects and collaborate with the private sector. </p> <p>Frank Johnson, CIO of <a href="https://www.baltimorecity.gov/" target="_blank">Baltimore</a>, suggested <a href="https://statetechmagazine.com/article/2018/10/smart-cities-week-2018-smart-cities-require-new-ways-thinking-governments">that city IT leaders</a> need to “open our aperture” and recognize that city governments only have so much capacity to carry out IT modernization plans, <a href="https://statetechmagazine.com/article/2018/09/qa-baltimore-cio-frank-johnson-lays-out-digital-transformation-vision">like the one that Baltimore just recently unveiled</a>. They need to <strong>work with businesses, technology partners, philanthropies and universities</strong> to achieve smarter cities that are more innovative and sustainable, he said. Unsurprisingly, this approach is championed in <a href="https://technology.baltimorecity.gov/sites/default/files/BCIT Strategic Plan Final 7.10.18.pdf" target="_blank">Baltimore’s modernization plan</a>. </p> <p>Wendy Gnenz, CIO of <a href="https://www.edmonton.ca/city-government.aspx" target="_blank">Edmonton</a>, Canada, agreed, and added that it is important for municipalities to start exploring different business models and not just assume that they will be able to fund smart city and Internet of Things projects via traditional sources of funding, like property taxes. Cities should look to <strong>forge public-private partnerships</strong> — which, she acknowledged, is not that common in Canada. “It takes some innovation, some agility to show a city council that this is the right way to go,” she said. Edmonton is pursuing this model with its <a href="https://edmontonhealthcity.ca/" target="_blank">Health City program</a>, an economic development initiative designed to spur healthcare innovation. </p> <p>City leaders should consider how to work with companies in the private sector to come up with new kinds of solutions they could not on their own, <a href="https://statetechmagazine.com/article/2018/10/smart-cities-week-2018-smart-cities-are-eye-beholder">said Michael Mattmiller</a>, a former CTO of Seattle who is now a director of government affairs at <a href="https://www.cdwg.com/content/cdwg/en/brand/microsoft.html" target="_blank">Microsoft</a>. For example, <a href="https://blogs.microsoft.com/chicago/2018/10/03/chicago-pilot-make-cities-more-accessible/" target="_blank">Microsoft is partnering with Chicago</a> to make the city’s technology more accessible and easier to use for people with disabilities or mobility issues. </p> <p><a href="https://statetechmagazine.com/article/2018/10/public-private-partnerships-empower-cities-dexterity-emerging-tech" target="_blank"><em><strong>MORE FROM STATETECH: </strong>Find out how cities can benefit from public-private partnerships! </em></a></p> <h2 id="toc_1">2. Focus on the Unique Needs of Your City</h2> <p>Speakers at the conference also emphasized that every city will take a unique path on its smart city journey, and that is as it should be. </p> <p>Miguel Gamiño Jr., now the <a href="https://newsroom.mastercard.com/press-releases/miguel-gamino-jr-joins-mastercard-as-executive-vice-president-for-global-cities/" target="_blank">executive vice president for global cities at Mastercard</a>, knows a thing or two about smart cities, having served as CTO for New York City from 2016 to April 2018. Gamiño also was CIO of San Francisco and chief innovation and information officer for the city of El Paso, Texas. </p> <p>He emphasized that, <strong>while they may face similar problems, they all have different priorities</strong>. They also each have different appetites for risks, he said. “What that taught me very quickly was that becoming smart city wasn’t a destination, it was a journey,” he said. “What makes for a smart city is in the eye of the beholder, in the city itself.”</p> <p>For example, in El Paso, the city was focused on efficiency in government, minimizing taxpayer expenses and improving service delivery. In San Francisco, the city and IT organization were much larger and more focused on broadband deployment, according to Gamiño.</p> <p>Smart cities may not necessarily all be focused on deploying IoT devices and sensors and making traffic more efficient. Sometimes making a city smarter<strong> can simply mean making sure its IT systems are up-to-date</strong>. Barney Krucoff, interim CTO of <a href="https://dc.gov/" target="_blank">the government of the District of Columbia</a>, said that while city IT leaders are pursuing smart city projects, they should not lose sight “of the fundamentals we need to every day.”</p> <p>The D.C. government is running some systems that were created in the 1980s and deployed in the 1990s that need to be updated, including financial tools and department of motor vehicles systems. Those are multimillion-dollar software upgrades that need to be addressed, he said, and smart cities programs can sometimes be a distraction from those fundamental IT challenges.</p> <h2 id="toc_2">3. Make Your City Resilient as Well as Smart</h2> <p>Cities should not just deploy new technology, but ensure that they will have the <strong>capacity to withstand big shifts in technology and the environment </strong>— not just over the next few years, but decades from now.</p> <p>Kevin Bush, <a href="https://oca.dc.gov/page/resilient-dc" target="_blank">chief resilience officer</a> for the District of Columbia, said <a href="https://statetechmagazine.com/article/2018/10/smart-cities-week-2018-tech-and-data-can-make-cities-more-resilient">resilience is the city’s “immune system,” </a>and smart cities need to probe where their immune systems are weak and strong and how capable they are of handling technological change, climate change, and changes in their populations and economies, he said. </p> <p>As cities deploy more IoT sensors, they will increasingly need to build up their cybersecurity resilience, Bush said. “We need to think about intrusions and bouncing back from an attack,” he added. <strong>“What is your fallback and your plan to get technologies back online?”</strong></p> <p>Erin Gill, <a href="https://www.knoxnews.com/story/money/business/journal/2017/01/02/40-under-40-erin-gill/94813372/" target="_blank">director of the office of sustainability</a> for the city of <a href="http://knoxvilletn.gov/" target="_blank">Knoxville, Tenn.</a>, said that the municipality’s proximity to <a href="https://www.ornl.gov/" target="_blank">Oak Ridge National Laboratory</a> has set a tone of innovation and progress for the city. “My role is to bring innovation theories and technologies into long-entrenched bureaucratic systems,” she said, including engineering and sustainability solutions. </p> <p>Gill also said that it is important for cities to <strong>break down silos and share data across departments </strong>to develop better services for residents and improve resiliency. Knoxville and its partners have done that to expand a home weatherization program for low-income residents.</p> </div> <div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> <a href="/author/phil-goldstein"><img src="/sites/statetechmagazine.com/files/styles/face_small/public/people/CoMfravQ_400x400.jpg?itok=W9IAwS8L" width="58" height="58" alt="Phil Goldstein" typeof="foaf:Image" /> </a> </div> <div class="author-info"> <span>by </span><a rel="author" href="/author/phil-goldstein"> <div>Phil Goldstein</div> </a> <a target="_blank" class="twitter" href="https://twitter.com/intent/follow?region=follow_link&amp;screen_name=philgoldstein&amp;tw_p=followbutton&amp;variant=2.0"><span>Twitter</span></a> </div> <div class="author-bio"> <p> <div><p>Phil Goldstein is a web editor for <em>FedTech</em> and <em>BizTech</em>. Besides keeping up with the latest in technology trends, he is also an avid lover of the New York Yankees, poetry, photography, traveling and escaping humidity.</p> </div> </p> </div> </div> </div> </div> Wed, 10 Oct 2018 15:47:14 +0000 phil.goldstein_6191 41566 at https://statetechmagazine.com New Model for State CIO Procurement to Take Center Stage at NASCIO 2018 https://statetechmagazine.com/article/2018/10/new-model-state-cio-procurement-take-center-stage-nascio-2018 <span>New Model for State CIO Procurement to Take Center Stage at NASCIO 2018</span> <span><span lang="" about="/user/6191" typeof="schema:Person" property="schema:name" datatype="">phil.goldstein_6191</span></span> <span>Wed, 10/10/2018 - 10:52</span> <div><p>The <a href="https://www.nascio.org/" target="_blank">National Association of State Chief Information Officers</a> will leverage its <a href="http://www.cvent.com/events/nascio-2018-annual-conference/event-summary-84771f61e1ed437d8b4edb53467e7ff1.aspx" target="_blank">annual conference in San Diego</a> Oct. 21-24 as an opportunity to introduce a new way for state CIOs to do business. The multisourcing model, dubbed <strong>State CIO as Broker</strong>, will advocate for CIOs to serve as f<strong>acilitators of state information technology</strong> projects rather than as executors.</p> <p><a href="https://twitter.com/StateTech" target="_blank"><em><strong>JOIN THE CONVERSATION:</strong> Follow @StateTech on Twitter for continued NASCIO Annual 2018 coverage!</em></a></p> <p>In the months leading up to NASCIO 2018, the nonprofit already has produced two interim reports: first, an introductory report prior to its April midyear conference introducing the concept, “<a href="https://www.nascio.org/Portals/0/Publications/Documents/2018/NASCIO_StateCIOasBrokerModel.pdf" target="_blank">State CIO as Broker: A New Model</a>,” and in September, “<a href="https://www.nascio.org/Portals/0/Publications/Documents/2018/CIOBrokerTopTen.pdf" target="_blank">The State CIO Top Ten: Why It's More Than a List</a>.” The latest examines “four forces of government change that a state CIO must manage to be an executive enterprise leader,” according to the report.</p> <p>In that report, NASCIO outlines driving pressures that influence how state CIOs may address their top 10 priorities. The report heralds research being conducted by NASCIO on multisourcing with intent to provide best practices and a maturity assessment for <strong>the management of a multisourcing environment</strong>.</p> <p><a href="https://www.nascio.org/Newsroom/ArtMID/484/ArticleID/708/The-State-CIO-Top-Ten-More-Than-a-List-Taking-a-Fresh-Look" target="_blank">In a statement</a>, Mississippi CIO Craig Orgeron, co-chair of the NASCIO Enterprise Architecture and Governance Committee said, “The State CIO Top Ten Priorities that is published each year is more than a list. It presents the pulse of the states, what is surfacing to the top from across all the states and territories as they anticipate and respond to the various forces of change. In this paper we’re discussing that relationship between these forces and state priorities as reflected in the NASCIO Top Ten.”</p> <p>North Carolina CIO Eric Boyette, the committee co-chair, added, “The actual forces of change can be somewhat different from state to state. Each state has their own unique political forces, organizational dynamics, and reporting structure that constitute the specific forces of change we generalize in our model. The Top Ten State CIO Priorities helps rationalize all of these specific forces into a set of common priorities we can work on together at a national level.”</p> <p><a href="https://www.cdw.com/content/cdw/en/orchestration/digital-transformation-report.html" target="_blank"><em><strong>DOWNLOAD: </strong>Find out how your agency can achieve digital transformation in this CDW Insight Report! </em></a></p> <h2 id="toc_0">NASCIO 2018 to Focus on Multisourcing, Cybersecurity and Cloud</h2> <p>At NASCIO 2018, the organization will present a final report and its model, State CIO as Broker, in sessions for attendees. In addition, Texas CIO Todd Kimbriel will lead a session on<strong> “leveraging the multisourcing framework.”</strong></p> <p>And the nonprofit will present <strong>the results of its 2018 State CIO Survey i</strong>n a panel discussion at NASCIO 2018. Speakers at the panel include Nevada CIO Michael Dietrich, Grant Thornton Principal Graeme Finley, NASCIO Executive Director Doug Robinson and California CIO Amy Tong.</p> <p>In addition to the “State CIO as Broker” report and the State CIO Survey, NASCIO also will publish its “2018 Deloitte-NASCIO Cybersecurity Study” report, the fifth iteration of the landmark report. State CIOs consistently rank <strong>cybersecurity</strong> as a primary concern for their governments, and a panel discussion will highlight key findings of the “<a href="https://www.nascio.org/Publications/ArtMID/485/ArticleID/680/State-of-Cyber-A-Roadtrip-Through-Where-We’ve-Been-and-Where-We’re-Going-webinar" target="_blank">2018 Deloitte-NASCIO Cybersecurity Study</a>” with Georgia CISO Stan Gatewood, Oklahoma CISO Mark Gower, Arizona CISO Mike Lettman and Deloitte Principal Srini Subramanian. Conversations on cybersecurity continue with a look at <a href="https://statetechmagazine.com/article/2018/08/georgia-unveils-cybersecurity-center-workforce-development-mind">the new Georgia Cyber Center</a> with Georgia CIO Calvin Rhodes.</p> <p>Another big focus area for NASCIO 2018 will be <strong>migration</strong><strong> to the cloud</strong>, particularly as state governments still have many legacy applications that have never moved to cloud. Representatives from Nebraska and Ohio will discuss<strong> “State as a Service” </strong>and how their state governments support local governments, partly with assistance in cloud computing. Hawaii CIO Todd Nacapuy will discuss his state’s e-sign service. </p> <p>And a NASCIO roundtable on IT procurement innovation will present marketplace recommendations in a chat with Idaho CIO Greg Zickau; Regina Kunkle, SAP national vice president for state and local and education; and Josh Nisbet, director of U.S. government markets for Deloitte.</p> <p><strong><a href="https://statetechmagazine.com/nascio-2018">Bookmark this page</a> </strong>for stories and videos from the <em>StateTech</em> team. Follow us on Twitter at <a href="https://twitter.com/BizTechMagazine" target="_blank">@S</a><a href="https://twitter.com/StateTech" target="_blank">tateTech</a> or the official conference Twitter account, <a href="https://twitter.com/vmworld" target="_blank">@</a><a href="https://twitter.com/NASCIO" target="_blank">NASCIO</a>, and join the conversation using <a href="https://twitter.com/hashtag/VMworld?src=hash" target="_blank">#N</a><a href="https://twitter.com/search?q=%23NASCIO18&amp;src=typd" target="_blank">ASCIO18</a>.</p> </div> <div> <div class="field-author"> <div id="taxonomy-term-" class=""> <div class="author-photo"> <a href="/taxonomy/term/11391"><img src="/sites/statetechmagazine.com/files/styles/face_small/public/people/Mickey_McCarter.jpg?itok=tWzGOlTU" width="58" height="58" alt="Mickey McCarter" typeof="foaf:Image" /> </a> </div> <div class="author-info"> <span>by </span><a rel="author" href="/taxonomy/term/11391"> <div>Mickey McCarter</div> </a> </div> <div class="author-bio"> <p> <div><p>Mickey McCarter is the senior editor of StateTech Magazine.</p> </div> </p> </div> </div> </div> </div> Wed, 10 Oct 2018 14:52:23 +0000 phil.goldstein_6191 41561 at https://statetechmagazine.com