StateTech Magazine - Technology Solutions That Drive Government en How Drones Are Used in Public Safety, Fire Departments and Emergency Management <p>Agencies across the country have steadily embraced drones in one form or another.</p> <p>According to <a href="" target="_blank">a May 2018 report</a> from <a href="" target="_blank">Bard College’s Center for the Study of the Drone</a>, at least 910 state and local police, sheriff, fire, and emergency services agencies in the U.S. had acquired drones, formally known as unmanned aerial systems, as of the report’s publication. Notably, the center estimated the number of public safety agencies with drones increased by around 82 percent in the year prior to the report’s publication.</p> <p>According to Dan Gettinger, a founder and the co-director of the Center for the Study of the Drone, the center is putting the final touches on an updated report, which should be released soon.</p> <p>How is drone use in law enforcement, in fire departments and at emergency management agencies evolving?</p> <p>“I would say that the trends are pretty consistent with the findings in the 2018 report,” Gettinger says. “The number of new agencies adding a drone capability per year has leveled off.” That said, Gettinger adds, there are still hundreds of new agencies adding drones each year.</p> <p>Interest in drones within the public safety community has not waned, Gettinger notes. The low cost, when compared with that of a helicopter or other manned aircraft, remains a major advantage and driver behind adoption. “The technological benefits are still pretty salient” as well, Gettinger says.</p> Phil Goldstein How Can State and Local Agencies Better Collaborate on Cybersecurity? <p>Some state governments, such as Massachusetts, <a href="" target="_blank">have established formal plans</a> to work with localities within their states on cybersecurity. However, as <a href="" target="_blank">ransomware attacks</a> proliferate across the country and strike <a href="" target="_blank">big cities</a> and <a href="" target="_blank">small towns</a> alike, state-level organizations say there needs to be greater IT security coordination between states and municipalities. </p> <p>Last month, the National Governors Association and the National Association of State Chief Information Officers released a report, “<a href="" target="_blank">Stronger Together: State and Local Cybersecurity Collaboration</a>,” designed to showcase best practices for such collaboration. </p> <p>“State governments are increasingly providing services to county and municipal governments, including endpoint protection, shared service agreements for cyber defensive tools, incident response and statewide cybersecurity awareness and training,” the report notes. </p> <p>At a minimum, the report says, increased engagement can provide government agencies with “a more accurate threat picture to enhance state and local governments’ cyber posture.” Yet agencies need to move beyond mere information sharing to “leverage limited resources for enhanced cyber capabilities,” the report notes. </p> Phil Goldstein As Targets, States Need to Be Prepared for the 2020 Election <p>With the first 2020 election primaries upon us, state government leaders are faced with the critical question of whether their election systems are prepared for looming cybersecurity threats. </p> <p>Foreign threat actors have shown again and again their interest in undermining one of the most sacred rights Americans hold: the vote. In Florida, it’s been <a href="" target="_blank">reported</a>, Russian interference in voter roll systems had the potential to alter results during the 2016 midterm elections. In Illinois, <a href="" target="_blank">media reports show</a>, there’s evidence that hackers working for Russian military intelligence installed malware on the network of a voter registration technology vendor. In fact, all 50 states’ election systems were targeted by Russia in 2016, <a href="" target="_blank">according to a July 2019 report</a> from the U.S. Senate Select Committee on Intelligence. </p> <p>Cyber-enabled election threats did not end in 2016. In the 2018 midterm elections, <a href="" target="_blank">FireEye</a> identified <a href="" target="_blank">multiple social media accounts impersonating</a> congressional candidates and spreading pro-Iran messages. </p> <p>From the federal to the state level, government entities are looking into how these incidents happened and how to ensure it doesn’t happen again. Unfortunately, those who would do the nation harm are working day and night to find new ways to weaken our systems and, subsequently, voter confidence. </p> <p>Security experts have seen a number of potential threats to the 2020 elections, namely <a href="" target="_blank">a significant increase</a> in ransomware attacks, continued disinformation campaigns and more aggressive nation-state attacks within regions outside the U.S. </p> Tom Guarente Election Security 2020: How to Protect Election Data and Voter Information [#Infographic] <p>Secretaries of state and local boards of election must protect their voter databases as closely as possible, even as they keep that information accessible to temporary poll workers, election officials and state officials who need it to do their jobs.</p> <p>Securing that data is essential: Voters provide the foundation for the nation’s election system — not just in their actions, but in their names, addresses and Social Security numbers. It’s information that is tempting bait for malicious actors who want to affect an election’s outcome.</p> <p>Like any system with multiple endpoints, security efforts focus on the data, not just the network, especially in the case of voter databases. Those live in many locations — the site where a citizen actually registers, the board of elections itself, the electronic poll books at polling places on Election Day, websites where the public can go to check registration status or find election results. </p> <p>No matter what kind of election is being held, be it for city council in a small town or president of the United States, protecting the network and databases that make voting possible is essential. Here’s a look at how it’s done:</p> Elizabeth Neus State and Local Agencies Learn Cloud Strategies from the Feds <p>When state and local agencies see federal government cloud strategies, it may appear moving everything to the cloud — infrastructure, applications, desktops, data and more — is too daunting, too confusing and too expensive. That has the potential to be true if there’s no structure applied to the process. But that begs the questions, how can we apply that structure? Where do we even start?</p> <p>Federal agencies have already started. You just need to learn from their concepts to make them your own and absorb the lessons they’ve learned the hard way about what it means to work with the cloud.</p> David Egts Winter 2020 Good Governance Results in Public Information Sharing <p>Atlanta CIO Gary Brantley established <a href="" target="_blank">a CIO advisory board composed of tech leaders last year</a>. Larry Williams, CEO of the Georgia Technology Association, <a href="">tells <em>StateTech</em></a> a resident-focused approach for the city’s tech governance is vital.</p> <p>Williams believes industry leaders close to city residents can help keep government abreast of citizen concerns and thus drive positive outcomes. “This is a great opportunity to come at challenges from a customer-centric point of view and really put the interests of the city’s residents first,” he says.</p> <p>Good governance involves transparency and consistency so citizens can easily see the public sector at work. When it comes to technology investments, transparency and consistency take on a deeper meaning as management strives to ensure data interoperability among programs, thus easing information sharing with the public.</p> Ryan Petersen Street Smarts: Coral Gables, Fla., Puts Data to Work for Citizens <p>Established by George Merrick in 1925, <a href="" target="_blank">Coral Gables, Fla.</a>, was one of the first planned communities in the United States. It was inspired by the City Beautiful movement of the late 1800s and early 1900s, a concept built on the premise that a city’s design cannot be separated from social issues.</p> <p>Nearly a century later, the city of more than 50,000, adjacent to Miami, has extended this concept with a number of smart city initiatives designed to improve the services it offers residents, businesses and visitors. To achieve this mission, Coral Gables provides an online portal that delivers convenient, real-time access to data from a number of systems and sensors in an effort to improve overall quality of life in the city. </p> <p>“Over the years, technology has become more and more useful to help deliver services in a smarter way,” says Raimundo Rodulfo, the city’s IT director. “So, we started a digital transformation process over the years to help connect to the citizens and also become more efficient by replacing obsolete or inefficient processes with more digital and automated processes.”</p> <p>Large and small cities are identifying the smart city projects that best serve their communities and fit their budgets. In doing so, Coral Gables and other municipalities implement plans that support more resilient and efficient infrastructure while putting actionable data into the hands of their citizens. According to Chris Holley, manager of research and innovation for the <a href="" target="_blank">Florida League of Cities</a>, Florida’s cities are looking toward the future in their own individual and unique ways.</p> <p>“Some of the most common project examples tend to be streetlights, smart parking or improvements with digital service delivery,” Holley says. “With this being said, the variety of services cities provide — utilities, police, etc. — often drive the types of early projects and pilots selected.” </p> <p>“These can range from smart meters and public safety deployment based on crime analytics to even a more robust fiber and wireless network for safer and more connected communities,” he says.</p> Derek Rice Election Security 2020: States Take Cybersecurity Measures Ahead of November <p>In the Buckeye State, officials are doing more than just keeping an eye on the upcoming national elections. As the threat of cyber tampering looms large, state and local leaders are working diligently to ensure voting is secure.</p> <p>“We want to set the tone for the rest of the nation,” says Ohio Secretary of State Frank LaRose, who in June issued <a href="" target="_blank">a 34-point directive</a> to guide state, county and local efforts on election cyber strategies. It calls for the use of event logging and intrusion detection tools, along with segmentation — disconnecting voting apparatus from external networks. “We want to make sure our boards of elections aren’t leaving a door opened by being attached to other, less secure assets,” LaRose says.</p> <p>Ohio may be out in front, but it is hardly alone. Authorities in all 50 states are taking steps to not only to secure the vote, but to ensure that the public perceives that vote as valid. They are getting help from the federal government, including the Cybersecurity and Infrastructure Security Agency, an operational component under the U.S. Department of Homeland Security. </p> <p>Experts say the aggressive action is justified, given the high likelihood that adversarial nations and other bad actors could try to tamper with the election.</p> Adam Stone Apps Collect Threat Intelligence for Government IT Managers to Share <p>Eric Brumm recently deployed next-generation endpoint security software to better protect the city of <a href="" target="_blank">Glendale, Calif.</a>, from malware, ransomware and other exploits. It gives him an added bonus: visibility into trends and other potential threats.</p> <p>Brumm, the city’s chief IT architect, implemented <a href="" target="_blank">Palo Alto Networks</a>’ <a href="" target="_blank">Traps endpoint security</a> on the city’s servers and computers last year. Through a Traps weekly report this summer, he discovered that <strong>an employee with administrative rights disabled Traps enforcement from the employee’s own computer</strong>.</p> <p>Traps reported an exploit, prompting Brumm and his staff to investigate further. They discovered the employee deactivated Traps to run an extension that makes newer versions of <a href="" target="_blank">Microsoft Office</a> look like an older version. Brumm alerted the employee’s supervisor and resolved the situation by enforcing Traps.</p> <p>“We told the supervisor that <strong>no one should be exempt from enforcement in our environment</strong>, and that if the exploit was really something bad, <strong>it could cause major issues</strong>,” says Brumm.</p> <p>Local and state government agencies are deploying <strong>security tools that increasingly use behavioral analytics and machine learning to automatically stop cyberthreats</strong>. But the tools also provide visibility and actionable insight into their overall security posture, which helps them further protect their IT infrastructure.</p> <p>These tools can uncover security vulnerabilities and other problems existing inside networks, but some security vendors offer <strong>threat intelligence services</strong>, which provide information on global threats in nearly real time and share details on how organizations can protect their internal systems.</p> <p>Government IT leaders in charge of security say they review the security information from their tools and threat intelligence reports, and if something warrants attention, they share it with others on the IT team. If necessary, <strong>they collaborate and coordinate across departments to fix security issues</strong>.</p> <p>Analysts say that’s a sound strategy. Too many alerts from tools can cause information overload. So, to be effective, organizations should only share relevant, high-quality alerts.</p> <p>“It’s about sharing smartly,” says IDC analyst <a href="" target="_blank">Frank Dickson</a>. “The critical resource is people, so when we share intelligence, we need to make it relevant and actionable.”</p> Wylie Wong