2025 SLG cyber trends: 5 lessons to build a 2026 cyber roadmap
Summary: In 2025, cyberattacks against state and local government (SLG) agencies exposed shortfalls in asset visibility. The article sets out five key lessons: continuous asset discovery, consolidating tools to reduce blind spots, centralized insight, prioritizing critical risks, and moving from reactive defense to proactive management. These strategies help SLG agencies better handle cybersecurity threats and reduce risk in 2026.
2026-2-5 14:0:0 Author: www.tenable.com

From school districts to state agencies, 2025 cyber incidents were a wake-up call about asset visibility. Discover five actionable lessons SLG leaders can use to close the cyber exposure gap and move from reactive threat detection and response to proactive exposure management.

Key takeaways

  1. Effective cyber defense in 2026 requires state and local government agencies (SLGs) to move beyond scheduled scans to continuous, real-time discovery of all managed and unmanaged digital assets.
  2. Consolidating data from siloed cybersecurity tools into a unified visibility layer helps security teams proactively identify the identity, cloud, and network weaknesses attackers are likely to exploit.
  3. The 2026 SLG cybersecurity blueprint should focus on identifying and remediating specific exposures that create viable attack paths.
  4. Shifting focus from reactive threat detection and response to unified exposure management helps SLGs mitigate risks before they escalate into breaches and cause disruption.

In 2025, cyberattacks against state and local governments (SLGs) reached an alarming scale. Publicly reported incidents impacted organizations in 44 U.S. states, disrupting critical services, exposing sensitive data, and straining already limited IT and security resources. 

From state, local, and education (SLED) to utilities and public safety agencies, the breadth of attacks made one thing clear: cyber risk is systemic.

While the tactics varied, the outcomes were strikingly consistent. Attackers exploited security blind spots. They moved laterally across fragmented environments. And in many cases, SLG agencies didn’t realize the true scope of exposure until attackers had already compromised their systems.

As state and local leaders look ahead to 2026, the most important question is not whether attacks will continue, but what lessons to apply now to reduce risk moving forward.

The 2025 cyber snapshot for SLGs

The most significant cyber incidents of 2025 shared several common characteristics:

  • Unknown or unmanaged assets exposed to the internet
  • Unpatched vulnerabilities in legacy systems
  • Misconfigured cloud services introduced during modernization efforts
  • Decentralized environments with limited centralized oversight
  • Delayed detection, allowing attackers to escalate privileges and expand impact

In many cases, agencies had security tools in place, but those tools operated in silos. Vulnerability scanners, endpoint detection and response tools, cloud security platforms, and identity systems all generated isolated signals, yet no unified view existed to connect them. This left security teams reacting to alerts rather than understanding how real risk moved through their environments.

The result was a widening cyber exposure gap between what agencies thought they had secured and where they actually had exposures.

Learn how to apply lessons learned to your 2026 cyber roadmap. Register for the "Bridging the Cyber Gap" webinar now.

Why 2025 was a turning point for SLG cybersecurity

For years, state and local government organizations prioritized reactive cybersecurity approaches. Limited budgets, staffing shortages, and aging infrastructure made it difficult to move beyond compliance checklists and point-in-time security assessments.

But the 2025 attacks demonstrated that reactive security no longer matches the speed or sophistication of modern cyber threats.

Attackers don’t exploit single vulnerabilities in isolation. They chain together weaknesses across identity systems, endpoints, cloud workloads, and network infrastructure. They target what defenders can’t see, including the weaknesses they don’t realize are connected.

This is where many SLGs found themselves in 2025: responding to incidents without a clear understanding of how attackers gained access, where else they could move, or which exposures posed the greatest risk next.

From vulnerability management to exposure management

While vulnerability management remains an essential foundation for cyber hygiene in any agency, the evolving threat landscape of 2026 requires building upon those basics with a comprehensive exposure management strategy.

Rather than replacing vulnerability management, exposure management provides the critical visibility and context needed to scale security efforts across a diverse, modern attack surface.

Traditional vulnerability management answers an important question: Which vulnerabilities exist? Exposure management answers a more critical one: Which vulnerabilities actually put the organization at risk, and how could attackers exploit them?

A proactive exposure management approach focuses on:

  • Complete asset visibility: Identifying known, unknown (shadow IT), on-prem, cloud, and remote assets
  • Contextual risk prioritization: Understanding which exposures matter most based on exploitability and business impact
  • Attack path analysis: Seeing how individual weaknesses connect across systems
  • Continuous monitoring: Adapting as environments change, not just during scheduled scans

For state and local governments, this shift is especially important. Decentralized governance models, independent local agencies, and mixed infrastructure make it nearly impossible to manage cyber risk without a unified view.

Learn how to build a 2026 exposure management roadmap for SLGs. Register for the webinar now.

5 cyber lessons for SLG leaders in 2026

SLG leaders can use lessons learned from last year’s cyber incidents to drive action in 2026:

1. You can’t protect what you can’t see

In many of the most damaging cyber attacks, threat actors exploited assets agencies didn’t realize were exposed, including S3 buckets in the cloud and network devices on premises. Continuous asset discovery is no longer optional.

2. Cyber risk lives between tools

Siloed cloud, identity, OT, AI, and network security tools leave gaps attackers are happy to exploit. Attack surface visibility must extend into AI tools, across systems, teams, and environments, whether cloud or on-prem.

3. Decentralization requires central insight

Even when security operations are local, leadership needs centralized visibility into risk across agencies, counties, and districts.

4. Prioritization is everything

Security teams can’t fix everything, but they can fix what matters most using threat and business context.

5. Proactive beats reactive, every time

Agencies that proactively identify and close exposures dramatically reduce their risk.

Preparing SLGs for 2026: Closing the cyber exposure gap

As state and local governments move into 2026, cloud adoption will expand, AI tools will introduce new risks, regulatory scrutiny will grow, and attackers will keep targeting the public sector.

The agencies best positioned to meet these challenges will be those that move beyond reactive defense and embrace exposure management as a whole-of-state cybersecurity strategy.

Bridging the cyber exposure gap doesn’t start with more tools. It starts with better visibility, richer context, smarter prioritization, and a proactive understanding of how risk truly exists across the environment.

The lessons of 2025 are clear. The opportunity in 2026 is to act on them.

Is your agency ready to build a proactive cybersecurity strategy for 2026? Join us at 2 p.m. ET Feb. 5 for our webinar, "Bridging the cyber gap: From 2025 hits to 2026 threats," where you can dive deeper into these SLG cyber trends and get a blueprint for a proactive defense.

Register now for the webinar.

Kate Boronkay

Product Marketing Manager for State, Local, and Education (SLED) at Tenable

Kate Boronkay is the Product Marketing Manager for State, Local, and Education (SLED) at Tenable. She specializes in market research and identifying the unique challenges facing SLED organizations, including navigating complex programs and funding requirements. Kate translates these insights into compelling messaging and integrated campaigns designed to help agencies achieve measurable cyber resilience and secure critical public services.


Source: http://www.tenable.com/blog/2025-slg-cyber-trends-5-lessons-to-build-a-2026-cyber-roadmap