New Mexico Governor Michelle Lujan Grisham issued an Executive Order to shore up the state’s cybersecurity readiness and better safeguard sensitive data by conducting a state-wide security assessment and adopting National Institute of Standards and Technology (NIST) standards by Nov. 1, 2024. “New Mexico’s decision to establish specific cybersecurity guidelines tied to established NIST guidelines will set the state up for success,” said Trustwave Government Solutions (TGS) President Bill Rucker. “I expect other states to follow suit as the danger posed by malicious threat groups will continue and state, local and municipal governments may be targeted.” Grisham’s Executive Order 2024-011 notes the dangerous surge in cybersecurity threats facing New Mexican state agencies and directs the state’s Department of Information Technology (DoIT) to conduct security assessments on state agencies to detect security vulnerability incidents and support mitigation efforts. The Executive Order follows New Mexico’s Cybersecurity Act, which Grisham signed in April 2023. The Act established the New Mexico Cybersecurity Office tasked with overseeing cybersecurity and information security-related functions across the state Information Technology (IT) ecosystem. The Act also established a cybersecurity advisory committee charged with identifying and recommending cybersecurity best practices for all state government entities, educational institutions, and tribal governments. Additionally, New Mexican state agencies must adopt and implement cybersecurity, information security, and privacy policies based upon no less than moderate-impact security control baselines, frameworks, and standards issued by NIST. The agencies that fall under this order include departments, offices, boards, commissions, and other agencies within the Executive Branch under gubernatorial control. The order also encourages public bodies not specifically named to voluntarily comply with its stated goals and to participate in the cybersecurity and information security programs offered by various state cybersecurity and IT agencies. EO 2024-011 also encourages all public bodies not subject to the order to voluntarily comply with its rules, standards, and requirements and to participate in cybersecurity and information security programs offered by the Cybersecurity Office, the Cybersecurity Advisory Committee, or DoIT. TGS is designated as “In Process Program Management Office (PMO) Review" by the Federal Risk and Authorization Management Program (FedRAMP) for its Government Fusion platform. A process that is expected to be completed shortly. Gaining FedRAMP status is an important step for TGS as shortly after Trustwave receives its final FedRAMP approval, Trustwave will become a StateRAMP-authorized vendor. "Achieving this milestone opens the door for TGS to continue delivering its award-winning managed security services to federal/state/local governments and federal government contractors with a solution that meets or exceeds their elevated security requirements," Rucker said. TGS provides a wide array of solutions and services designed to advise, detect, and secure federal, state, local, and private organizations. These include: Penetration Testing Database Security Email SecurityWhy TGS is the Best Choice
How TGS Can Help
Recent cyberattacks and the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) research indicate the danger facing the healthcare industry is not subsiding, which means...
Trustwave SpiderLabs’ recent threat report on the hospitality industry included a reminder that people are the weakest link in most any cyber security plan, along with some sobering points...
Among the due diligence a company should perform when signing with a managed detection and response (MDR) provider, one item that may not be top of mind is who owns custom content developed during...