Risk

7/14/2017
11:27 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

States Pledge to Meet Cyber Threats

Outgoing National Governors Association Chair Gov. McAuliffe Sunsets his Initiative, 38 Governors Sign Compact

PROVIDENCE, RI—Today National Governors Association (NGA) Chair Virginia Gov. Terry McAuliffe kicked off the 2017 NGA Summer Meeting with a discussion on how states continue to develop strategies to thwart cyber threats.

Over the last year, Gov. McAuliffe has spearheaded an effort to strengthen state cybersecurity through Meet the Threat: States Confront the Cyber Challenge, his NGA chair’s initiative.

“The goal of my initiative as NGA chair was to elevate the importance of cybersecurity on every governor’s agenda. To do that, we had to highlight why cybersecurity was more than just an information technology issue. I am proud that, throughout the last year, we have successfully engaged governors and their states on strengthening their cyber protocols and recognizing that cybersecurity is a technology issue, but it’s also a health issue, an education issue, a public safety issue, an economic issue and a democracy issue,” Gov. McAuliffe said.

Among the speakers joining him for the session were Matt Spence, partner at venture capital firm Andreesen Horowitz; Chris Bream, chief technology officer at IT company Tanium; and Wes Kremer, vice president of defense contractor Raytheon and president of Raytheon Integrated Defense Systems.

Gov. McAuliffe highlighted governors’ actions to boost cybersecurity defenses throughout the past year. “In New Mexico, Gov. Martinez signed legislation clarifying when the National Guard can be used during cyber events,” he said. “In Oregon, Gov. Brown signed an executive order to unify all cybersecurity efforts into one agency. Lastly, our incoming [NGA] chair, Gov. Sandoval, recently signed a bill to create a cyber defense center to lead all their cyber projects in Nevada.

“Since the launch of my initiative, more than 30 governors have signed an executive order, legislation or announced a cybersecurity initiative,” he continued, adding, “This has resulted in a dozen executive orders, 14 signed bills and 17 initiatives.”

Gov. McAuliffe also announced at the session that 38 governors across the country had signed on to a compact to improve state cybersecurity in which they pledged to enhance cybersecurity governance, prepare and defend their states from cybersecurity events and help grow the nation’s cyber workforce.

The work of Meet the Threat will live on, both in the Governor’s Guide to Cybersecurity, a comprehensive resource for state officials that outlines concrete steps they can take to bolster cybersecurity practices, and NGA’s Resource Center for State Cybersecurity, which Gov. McAuliffe co-chairs with Michigan Gov. Rick Snyder

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8423
PUBLISHED: 2019-02-18
ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/views/events.php filter[Query][terms][0][cnj] parameter.
CVE-2019-8424
PUBLISHED: 2019-02-18
ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sort parameter.
CVE-2019-8425
PUBLISHED: 2019-02-18
includes/database.php in ZoneMinder before 1.32.3 has XSS in the construction of SQL-ERR messages.
CVE-2019-8426
PUBLISHED: 2019-02-18
skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS via the newControl array, as demonstrated by the newControl[MinTiltRange] parameter.
CVE-2019-8427
PUBLISHED: 2019-02-18
daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via shell metacharacters.