Sunday, September 27, 2020

Subscribers Only

Free

CISA Releases 5G Infrastructure and Cybersecurity Strategy

The Cybersecurity and Infrastructure Security Agency has published its strategic plan to secure the 5G infrastructure from bad actors, spelling out five strategic initiatives. The plan focuses on a combination of commerce, security, and global relations, and lists three basic priorities as the bedrock of its approach: risk management, stakeholder engagement, and technical assistance. The […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

NSA and CISA Alert Highlights Urgency for OT Security

Galina Antova of Claroty notes that cyberattacks on critical infrastructure have been leveraged by nation-states and other powerful adversaries as weapons in geopolitical conflicts, revealing to security professionals the poor state of the cyber risk posture of their operational technology networks, and prompting swift actions in many of the largest companies. A new alert from […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

How a New Federal Policy for Telling Election Officials about Cyber-Intrusions Got Put to...

A new DHS protocol for notifying senior state officials – not just IT personnel – of election-related hacking incidents, was put into practice in March. A local election official in Missouri was tricked by a phishing email that spoofed a voting-equipment vendor, and after his Microsoft login credentials were stolen, the email was circulated to […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Federal CISO Schneider Plans to Reinvigorate CyberStat in Fiscal 2021

The Office of Management and Budget has tried to convince agencies to consolidate and optimize their Security Operations Centers, but some departments have as many as 10, making it difficult for anyone to understand what’s going on without consulting them all. Federal CISO Grant Schneider says the latest attempt to consolidate and improve these centers […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

“Cyber Storm” Drill for Critical Infrastructure Focuses on Corruption of Key IT Services

The Department of Homeland Security’s seventh biannual Cyber Storm drill drew some 2,000 participants, testing the ability of companies in the health care, manufacturing, and other key sectors to withstand hypothetical hacking of trusted internet services. The exercise simulated disruptions of several key technologies, including compromised certificate authorities, attacks on the Border Gateway Protocol, and […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Ex-DHS Officials Urge Department to Double Down on its Cybersecurity Work

In reaction to controversial actions by the Department of Homeland Security in dealing with migrants and protesters, a new bipartisan report from former DHS officials suggests the department cut ties with some of the “most partisan” aspects of its work, and redouble its efforts to protect the country from cyberthreats and infectious diseases, to help […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

CISA’s “Next Frontier” Around Cyber Data Analytics

The Cybersecurity and Infrastructure Security Agency is planning a multi-year effort to beef up its data analysis capabilities to help government agencies and the private sector better quantify how digital threats and system vulnerabilities affect not just intended victims, but also the broader critical infrastructure community. The National Risk Management Center at CISA views its […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

CISA Finalized Directive on Vulnerability Disclosure Policies, Congressman Says

The Cybersecurity and Infrastructure Security Agency issued a draft directive in November to require civilian agencies to work with security researchers to find vulnerabilities...

CISA to Host 3rd Annual National Cybersecurity Summit

The Cybersecurity and Infrastructure Security Agency will host its 3rd annual National Cybersecurity Summit virtually, as a series of webinars every Wednesday for four weeks beginning September 16 and ending October 7. Each series will have a different theme that focuses on CISA’s mission to “Defend Today, Secure Tomorrow” with presentations from targeted leaders across […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

NSA, CISA Warn of Threats to US Critical Infrastructure

The National Security Agency and Cybersecurity and Infrastructure Security Agency have issued a joint warning that hackers are increasingly targeting operational technology and critical infrastructure. The alert does not cite any specific recent threats, but warns of a “perfect storm” of vulnerabilities that hackers are looking to exploit, which includes remote access to critical operational […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.