Trump casts doubt on Justice Department investigation; wants joint cybersecurity team with Russia

Not long ago, an official from the former Obama administration warned that the US is the most vulnerable nation to cyberattacks. While the Trump administration appeared to be making some efforts to redefine the role and authority of the CISO, something…

Cybersecurity policymaking is out of focus. Bureaucracy hackers can help.

The cybersecurity industry is in desperate need of more “bureaucracy hackers” — individuals within federal and state governments who are authorities on the intricacies of policy creation and the nature of today’s rapidly evolving technology and threat landscapes. To understand why, look no further than Georgia State Bill 315: Introduced in the Georgia state senate earlier this month, the bill has the entire cybersecurity community shaking its head in disbelief. In short, the bill is modeled after the highly controversial Computer Fraud and Abuse Act, which makes accessing a network or computer without authorization illegal – even if there is no theft or damage. While many parts of the U.S. government are advancing cybersecurity by adopting industry’s best practices, such as allowing security researchers to identify and disclose vulnerabilities that make us all safer, Georgia is closing the door to these folks. Sen. Mark Warner’s IOT Improvement Act is another clear example: Drafted […]

The post Cybersecurity policymaking is out of focus. Bureaucracy hackers can help. appeared first on Cyberscoop.

Survey: Few Americans Are Taking Proper Password Security Precautions

Thursday is “Change Your Password Day,” a national observance of password security and best practices. Passwords are often the first line of defense protecting users from criminals with the malicious intent of invading systems and stealing …

What’s in the NIST cybersecurity controls catalogue update?

NIST Special Publication 800-53 isn’t the most exciting book, but for federal IT managers, the canonical catalogue of cybersecurity controls is like the English Hymnal and the Book of Common Prayer rolled into one. Changes to it are a very big deal. The latest version, put together by top federal scientists from the U.S. National Institute for Standards and Technology, incorporates privacy controls as well, one of its principal authors told CyberScoop. “It’s a leap ahead document,” NIST Cybersecurity Advisor Ron Ross said of the new draft of NIST SP 800-53: “Security and Privacy Controls for Federal Information Systems and Organizations.” Ross and other cyber experts from NIST last week briefed the agency’s Information Security and Privacy Board about the latest, long-awaited set of proposed revisions to the magisterial index of security controls — 800-53 Rev5. SP 800-53 lists the security controls federal managers have to choose from to ensure their IT systems comply with the security standards […]

The post What’s in the NIST cybersecurity controls catalogue update? appeared first on Cyberscoop.

Trump will call for private sector war on botnets, aide says

One of President Donald Trump’s early cybersecurity actions will be a public call for internet companies to collaborate to stop the scourge of botnets — massive networks of compromised computer hardware weaponized by hackers. “I believe we can radically reduce the number of botnets in this country,” White House homeland security adviser Thomas Bossert said Wednesday. “I believe that’s a voluntary effort … The president will call for that publicly,” he said at a Center for Strategic and International Studies event Wednesday. Bossert said collaboration among internet service providers or ISPs, social media companies and web search engines could identify internet traffic from botnets and “shunt it aside.” Botnets of compromised devices are controlled by hackers known as bot herders, and virtually anything that connects to the internet can be vulnerable. The networks can be used to send vast quantities of fraud-laden spam email, and they also can generate huge attacks targeting a website with constant […]

The post Trump will call for private sector war on botnets, aide says appeared first on Cyberscoop.

New cybersecurity report focuses on the private sector

George Washington University’s Center for Cyber and Homeland Security (CCHS), a “think and do” tank responsible for carrying out research and analysis on homeland security, counter-terrorism, and cybersecurity issues, has recently released a new report entitled “Into the Gray Zone: The Private Sector and Active Defense against Cyber Threats”.
