Mark Weatherford

Cybersecurity Columnist

Mark Weatherford, chief strategy officer for the National Cybersecurity Center, is the cybersecurity columnist for Governing and a senior fellow at the Center for Digital Government, both of which are divisions of e.Republic. Among his previous appointments, he served as the U.S. Department of Homeland Security's deputy undersecretary for cybersecurity and, before that, as the chief information security officer for the state of California. In the private sector, Weatherford served in senior roles at the North American Electric Reliability Corp., vArmour, Booking Holdings and Aspen Chartered, in addition to advisory roles with a number of technology startups.

It’s a bold attempt to transform cybersecurity. State and local government organizations, along with their vendors, will benefit from strengthened federal requirements.
By building on a decade-old federal effort, the just-launched StateRAMP promises to standardize and simplify procurement of cloud services that have already undergone rigorous security testing.
We've had plenty already, yet we react the same way to every new attack. The question is, are we awake? We need to do a better job of learning from our failures and preparing for the attacks to come.
Government organizations should proactively support and lead with good cybersecurity practices, and they can help the public by spreading the word about how to spot dangerous lies.
Supply chains are the backbone of the public and private sector. The digital components of these complex systems are at increasing risk of being disrupted, degraded or destroyed.
The focus has been on the attack's impact on federal agencies and the private sector, but state and local governments need to inventory their vulnerabilities and prepare for a long recovery.
While the Trump White House has done some good things, the president-elect has shown genuine interest in the issue, and more federal resources are becoming available.
Getting away from our continuing reliance on legacy technology and moving toward a centralized organizational model would improve security organizations' ability to meet today's threats.
There is much that they can do to support what state and local election officials are doing to counter efforts by those who would weaken our democratic institutions through distrust and suspicion.
In many ways, our digital infrastructure was unprepared for the pandemic's challenges. Now is the time for a longer-term cybersecurity vision.