Cyber Florida

About Cyber Florida

This author has not yet filled in any details.
So far Cyber Florida has created 80 blog entries.

National Cyber Director Announces Service for America

Sept. 4, 2024—Washington, D.C.—Today, the White House Office of the National Cyber Director (ONCD), in partnership with the Office of Management and Budget (OMB) and Office of Personnel Management (OPM), is proud to announce Service for America, the Biden-Harris Administration’s recruiting, hiring, and engagement sprint aimed at preparing our country for a digitally enabled future by connecting Americans to good-paying, meaningful jobs in cyber.

The #ServiceForAmerica sprint is launched in support of the 2023 National Cyber Workforce and Education Strategy, a multi-pronged approach to expand the cyber workforce and education system to better prepare all Americans for jobs in cyber. The sprint will continue through Cybersecurity Awareness Month and highlight the importance of skills-based hiring and work-based learning opportunities to support expanding the cyber workforce in government and private industry.

Find out more about this launch at the ONCD blog and follow @ONCD on Twitter and LinkedIn for updates and amplification.

2024-10-08T14:28:15-04:00September 4, 2024|
Read More

Enhancing CI Cyber Resilience through Maturity Modeling

31 July 2024 – Tampa, FL: In 2023, the Florida Center for Cybersecurity at the University of South Florida (aka Cyber Florida at USF) conducted a statewide analysis to assess the cyber readiness of Florida’s critical infrastructure (CI) providers across 16 critical infrastructure sectors. The study – conducted on behalf of the State Legislature in fulfillment of Appropriation 2944B – offered several recommendations to improve cyber resilience and protect Florida’s people, property, and prosperity. Among these recommendations was a call to “Adopt a Florida-specific cyber maturity model for critical infrastructure providers.” Since those recommendations were offered in July of 2023, subsequent cyberattacks against CI providers in Florida have led to data breaches and service disruptions across several critical infrastructure sectors, including healthcare5, education6, the judicial system7, and essential government services8. While a commitment to maturity modeling may not prevent every such incursion, it is a critical step in improving cyber readiness across the state’s critical infrastructure sectors. Maturity models offer organizations a means to assess essential practices and metrics to guide cyber-management decisions strategically. In short, maturity models – like the Balanced Scorecard – help organizations to systematically measure the systems, processes, and practices that determine their cyber health because what gets measured, gets managed.

In recognition of the critical role that cyber resilience plays in protecting Florida’s people, property, and prosperity, this policy brief provides an overview of maturity modeling as well as some suggested steps state leaders may consider to ensure that Florida’s critical infrastructure providers are measuring the right things and deliberately aligning organizational practices with their cyber-readiness goals. This report provides (1) a brief overview of how maturity models work, including a summary of the most commonly employed models in key CI sectors; (2) a review of current cyber vulnerabilities among Florida’s critical infrastructure providers as well as an analysis of how maturity modeling can help CI providers overcome these vulnerabilities; and (3) specific recommendations for integrating maturity modeling into Florida’s ongoing cybersecurity initiatives. While there is no one-size-fits-all solution that will serve the diversity of Florida’s critical infrastructure sectors adequately, the goal of this policy brief is to provide state leaders with practical, data-driven guidance so that they can drive data analysis efforts and better incentivize and support the state’s CI providers in these increasingly critical efforts.

2024-07-31T15:07:34-04:00July 31, 2024|
Read More

chat:CYBR Podcast Episode 4: Dr. Stephen Neely

Dr. Stephen Neely, Associate Professor and Director of the Master of Public Administration program at the University of South Florida, discusses ransomware attacks and the need for ransomware readiness in organizations. Ransomware attacks use malicious software to gain unauthorized access to computer systems and demand a ransom in exchange for releasing information or restoring access. These attacks can have severe consequences, such as disrupting essential services and causing reputational damage. The conversation highlights the importance of closing the maturity gap for basic ransomware readiness and provides recommendations for the state legislature, including coordination, delegation, tracking progress, and providing informational and resource support. Cyber Florida is recognized as an organization that can play a significant role in society’s relationship with ransomware by providing at USF coordination, research support, technical support, and training for the future cyber workforce.

2024-07-24T13:49:06-04:00July 22, 2024|
Read More

Cyber Florida Leads Election Security Tabletop Exercise (TTX)

On 8 May, over sixty representatives from fourteen counties participated in an in-person TTX hosted by Cyber Florida at Hunter’s Green in Tampa. County Supervisors of Elections (SoEs), Law Enforcement (LE) personnel and those in Information Technology (IT) roles were joined by representatives from the FBI, Florida Digital Service (FLDS), the Cybersecurity & Infrastructure Security Agency (CISA), the University of West Florida (UWF), and Florida International University (FIU) (two of Cyber Florida’s state training program partners) to address this critical topic. The FBI, CISA, and UWF spoke to the group about the importance of election security, how their organizations provide support, and how state and county officials can connect with them.

Following those informative presentations, Norwich University Applied Research Institute (NUARI) orchestrated a four-hour session using scenarios developed in concert with Cyber Florida, SoEs, and LE personnel. NUARI’s DECIDE tool virtually presented scenario events to the different sets of “players” in the room, who had to articulate how they would respond to the events. The advantages of holding the event in person became obvious as numerous discussions and networking occurred at every table and among the SoEs, LEs, and IT personnel throughout the day—organic discussions that could not be replicated in a strictly virtual environment.

Cyber Florida infused the new, state-funded cyber range (hosted by SimSpace) to provide a technical, hands-on dimension to the experience. IT personnel from three counties and University of South Florida students in Cyber Florida’s Security Operations Center Apprentice Program were confronted with various cyber events on the range. At the conclusion, IT participants were asked to share the events detected and actions taken. Notably, their presentations were clear and concise—even to those in non-technical roles—underscoring the importance of IT personnel being able to explain things in “plain English” to managers and executives who may need to take or authorize specific actions.

Feedback from participants included these comments:

  • “We need to revise our Incident Response Plan to include many of the things we learned today.”
  • “Learned a lot about resources available to us: CISA, FBI, Cyber Florida, FLDS and other state orgs.”
  • “The opportunity to have in-person networking was great.”
  • “The use of tech and opportunity to collaborate amongst many counties was great.”
  • “We need to codify our processes and know our key POCs.”
  • “We need more training events like this.”

Cyber Florida thanks the Pasco County SoE, Kristie Crump, and the Pasco County Sheriff’s Office (specifically Chuck Esposito), who contributed expertise and used their SoE and LE networks to help us garner the support and participation of other counties.

Cyber Florida is working with FIU to co-host another in-person TTX in the Miami area in August and will endeavor to host one in the Jacksonville area in September. As we do this, we will also need support from SoE and LE personnel in those parts of the state.

2024-06-28T11:55:24-04:00June 28, 2024|
Read More

National Cyber Director Releases Workforce and Education Strategy

June 25, 2024 – Washington, D.C.: The Office of the National Cyber Director (ONCD) today released the National Cyber Workforce and Education Strategy: Initial Stages of Implementation, outlining the progress made since the office initially released the strategy in 2023. In a blog post announcing the report, titled “Unleashing America’s Cyber Talent,” Assistant National Cyber Director for Workforce, Training and Education Seeyew Mo, noted that “…demand for cyber talent is only going to grow. We are at a crucial point where we all must work together – across the Federal Government, private sector, academia and non-profits, and other stakeholders…”

Mo went on to outline several initial successes, including, “unprecedented” coordination across 35 Federal agencies; a shift in Federal hiring toward a skills-based approach to IT positions; identification of Federal investment opportunities to provide more access to these careers for Americans; and the cooperation of more than one hundred of agencies, associations, foundations, and academic institutions yielding $95 million in investments, 13,000 new hires in the field, and more than 1 million trained.

Cyber Florida at USF is proud to participate in this national initiative through several programs, including CyberWorks—which is part of the national CyberSkills2Work program—and the National Centers of Academic Excellence program managed by the National Security Agency.

2024-10-07T16:38:50-04:00June 16, 2024|
Read More

CONTACT US

Cyber Florida at USF
4202 E. Fowler Avenue, ISA7020
Tampa, FL 33620

Office meetings by appointment only

PRIVACY POLICY

Copyright 2024 The Florida Center for Cybersecurity at the University of South Florida. Information on this website is made available for general educational purposes only and should not be used in lieu of obtaining competent legal advice from a licensed attorney or cybersecurity professional with sufficient expertise necessary to address your specific needs. Use of this website does not create any special or fiduciary relationship between you and the Florida Center for Cybersecurity or the University of South Florida.