Former NSA official: A joint U.S.-Russia cyber unit isn’t (totally) absurd

A former deputy director at the National Security Agency said that the idea of a joint U.S.-Russian cyber security unit is not as ridiculous as it sounds, as long as the U.S. side isn’t gullible enough to believe everything the Russians say. “I don’t think it’s absurd, but if you expect the Russians are going to deal with that transparently, and then we’ll get answers that you can take at face value, I think that’s naive,” former NSA Deputy Director Chris Inglis said in an interview. Inglis, who left the NSA in 2014, said it might be worth entertaining the idea of a joint unit just “to see how far they’re willing to go.” “What are you willing to put on the table, Russia? If you don’t ask, you’re not going to get,” Inglis said. “But we should hedge our bets. We should have very low expectations about what you […]

The post Former NSA official: A joint U.S.-Russia cyber unit isn’t (totally) absurd appeared first on Cyberscoop.

The new organization needed to digitally protect the U.S.

Americans live in a digital glass house. Unless we do something radically different, that house is set to shatter. How much longer can we continue to tolerate the daily theft of our nation’s secrets, technological innovation and personal privacy from criminals and nation-states? The answer doesn’t lie with our government, nor with commercial firms. There is no magic pill, but there is a better way. Our corporations, universities and research centers are the lifeblood of global innovation, having pioneered society’s technological advancements over the past 75 years. Yet in spite of all the amazing innovation that has made the American economy the envy of the world, we remain the most digitally vulnerable business population on the planet. The U.S. has poured hundreds of billions of dollars into ensuring our offensive and defensive cybercapabilities are ahead of our adversaries. But our society and businesses remain vulnerable because every aspect of our […]

The post The new organization needed to digitally protect the U.S. appeared first on Cyberscoop.

10 ways to secure sensitive information on AWS

Some security experts have described the recent exposure of sensitive information of 198 million Americans — nearly all registered voters — as “the mother lode of all leaks.” Deep Root Analytics, the data analytics firm that left its AWS database exposed on the public internet for two weeks, is now facing its first class-action lawsuit. The uproar over the leak will likely continue for a long time. More than anything, this security incident highlighted the need for organizations to protect their often-overlooked Infrastructure-as-a-Service systems like AWS. The Deep Root Analytics data repository was in an S3 bucket without protected access, accessible to anyone who would navigate to a six-character Amazon subdomain. Implementing the right security strategy can prevent this kind of leak in the future. It would also help protect data from other threats. Although Amazon Web Services has invested heavily in security, the platform is not impenetrable. For example, […]

The post 10 ways to secure sensitive information on AWS appeared first on Cyberscoop.

DHS inspector general: Georgia’s election systems weren’t hacked

The Department of Homeland Security’s inspector general has concluded that the department did not breach Georgia’s voting system, according to a letter issued to Congress on Monday. The letter by Inspector General John Roth stipulates that his office’s Digital Forensics and Analysis Unit recreated a contractor’s actions from Nov. 15, 2016: accessing a public page on the Georgia Secretary of State’s website in order to verify security guards’ weapons certification licensing, which a contractor then copied into a spreadsheet file. The letter was sent to the House Committee on Oversight and Government Reform, which asked for an independent investigation in January. The incident came to light last December, when Georgia Secretary of State Brian Kemp claimed someone from DHS tried to breach his office’s firewall after the state’s third-party cybersecurity provider detected an IP address from the federal department’s Southwest D.C. office trying to penetrate the state’s firewall. Since then, the […]

The post DHS inspector general: Georgia’s election systems weren’t hacked appeared first on Cyberscoop.

How Microsoft’s Azure platform can help agencies with the Cybersecurity EO

Microsoft Security Response Center research into recent cyberattacks indicates that the average time for infection or exploitation of an unpatched node on a compromised network is as little as 90 seconds. Verizon’s Data Breach Investigation Report found that 12 percent of phishing mail recipients will click on a link or attachment in under four minutes. And the Presidential Executive Order on Cybersecurity noted that “Known but unmitigated vulnerabilities are among the highest cybersecurity risks.” However, despite understanding the risks, many organizations struggle to maintain consistent security policies and practices that would ensure protection against known threats. Why? I believe it’s ultimately a question of risk management culture and resourcing. Cybersecurity is a practice, requiring consistency and repeatability — goals which are difficult to achieve where humans are involved. Adding to that, when security is successful, it is also invisible, which can impact resource prioritization. Though we know what we should […]

The post How Microsoft’s Azure platform can help agencies with the Cybersecurity EO appeared first on Cyberscoop.
