David Kertai

Cities that are successfully scaling AI are investing in workforce upskilling alongside governance and technology deployment. Case studies from Washington, DC, San Jose, Seattle, and Cleveland show that employee training and AI literacy are critical to turning pilot projects into lasting improvements in public service delivery.

The National Vulnerability Database is struggling with growing backlogs, outdated processes, and overlapping responsibilities that threaten its effectiveness. NIST should improve coordination with CISA, modernize vulnerability management systems, and strengthen stakeholder engagement to restore trust and efficiency.

Five states—Utah, Connecticut, Ohio, Texas, and North Carolina—are showing how centralized AI sandboxes, oversight frameworks, and clear evaluation metrics can help governments move beyond isolated pilot programs and scale AI tools to deliver measurable improvements in public services.

As AI-powered cyber threats become more advanced, the federal government should modernize the CyberCorps SFS program by integrating AI-security training, reforming cyber hiring pipelines, and expanding training infrastructure to build a stronger cybersecurity workforce.

Cyberattacks are rising across state and local governments, and the blog recommends that all states adopt coordinated strategies, clear standards, and stronger cyber capabilities to close security gaps and improve resilience.

State and local governments face rising cybersecurity risks that strain budgets, disrupt services, and erode public trust. Governments need targeted investments in modern infrastructure, continuous monitoring, and stronger third-party risk management to protect critical services.

While the U.S. has focused on securing AI systems themselves, it must urgently shift toward using AI defensively—through coordinated government, industry, and infrastructure efforts—to counter the growing threat of AI-powered cyberattacks on existing systems.

Cyberattacks on critical infrastructure—particularly health care—are escalating, and Congress should pass the Health Care Cybersecurity and Resiliency Act and expand similar sector-specific cybersecurity programs across all critical infrastructure sectors to provide tailored funding, guidance, and support.

AI-enabled “ghost student” scams are siphoning millions in federal financial aid by exploiting weak, document-based identity verification systems at U.S. colleges. While the Department of Education has tightened ID checks, Congress should establish interoperable, high-assurance digital IDs to prevent fraud at scale and ensure aid reaches real students.

The India AI Impact Summit will test whether the United States can position itself as a credible AI partner to emerging economies by advancing collaboration with India on adoption, compute equity, and governance to deliver secure, scalable, and impactful AI deployment.

The Trump administration’s withdrawal from international cybersecurity forums like the GFCE and Hybrid CoE risks creating gaps in global coordination, early warning, and norm-setting. Strategic disengagement must be paired with replacement mechanisms to preserve multilateral cyber capacity, maintain allied cohesion, and safeguard U.S. interests.

Transnational scam networks, often based in Southeast Asia and exploiting weak governance, have stolen billions from U.S. consumers, and effectively combating them requires bipartisan legislation, stronger public-private coordination, and sustained international cooperation.