- Obama’s $19B Cybersecurity plan takes aim at cybercrime, underscores skills gap (SearchCIO): President Obama recently unveiled a Cybersecurity National Action Plan (“CNAP”) which is a highlight of the budget being proposed for the 2017 fiscal year, according to a SearchCIO article by Francesca Sales. The article indicates that some of the key areas of CNAP include: (1) an increase in federal cybersecurity funding of 35%, (2) a $3.1B plan to overhaul the government’s legacy IT systems and servers, (3) Research & Development initiatives to build next-gen cybersecurity technologies, (4) the creation and appointment of a Federal Chief Information Security Officer (“CISO”), and (5) the creation of a corps of cybersecurity professionals many of which will be recruited from the private sector. The full article can be found here.
- US IT Professionals overconfident in Cyberattack detection (ComputerWeekly.com): A recent study of IT professionals revealed that nearly 2/3 of respondents were uncertain of how long it would take automated tools to generate an alert, whereas 23% stated that only 90% of the hardware assets deployed on their networks are automatically discovered, according to the article by Warwick Ashford. Furthermore, nearly half of the survey-takers who worked for the federal government said that even within a 15-30 period, not all detected vulnerabilities are remediated, according to the article. Equally alarming, and related to users exceeding their authorized privileges, approximately 2/5 of mid-market entities do not detect all attempts to access files on local or network-accessible file shares by users that do not have the appropriate privileges, according to the article, the full text of which can be found here.
- Secure Your Plant: Managing Risk Posed by Hackers that Target IIOT (PLANT Advancing Canadian Manufacturing): As though there weren’t enough fears surrounding US and international infrastructure, a recent article by PLANT indicates that the Industrial Internet of Things (IIoT) introduces an enhanced risk by remote hackers that can infiltrate a plant’s network and wreak havoc. The article indicates that the existing and continued adoption of industrial controls (“IC”) systems which were originally built for sustainability and not cybersecurity represent an emerging cyber threat for industrial facilities. This article states that this threat is more than theoretical as witnessed by a German steel factory that experienced a targeted attack that caused severe physical damage to the facility. Apparently, the attackers gained access to the factory’s computerized operational controls and production networks and disrupted the control operations for a blast furnace which caused an explosion and massive damage to the system, according to the article. The full text of the article is here.
Leave a Reply