Cyber Security News in Review


This week’s cybersecurity news in review includes attempted attacks against U.S. power companies and NSA systems, and the latter’s possible Kaspersky link; Trump’s pick to head DHS and the department’s new cyber dashboard capabilities; the new streamlined cloud approval process using FedRAMP Tailored; DoD’s accelerated push for cloud adoption and CYBERCOM’s new planning cells for offensive/defensive ops; and Congress’ push to incentivize small business use of a cyber framework. There is also coverage of various surveys and reports on: cloud user practices and exposures; federal agency infosec flaws; private sector and FDIC breaches; IRS legacy IT system challenges; state cyber practices; and projections for global biometric and identity management growth. 

 

U.S. power companies targeted by North Korean cyber spies

Dark Reading says FireEye has issued an alert that North Korean hackers have made spear phishing attempts against U.S. electrical power companies in an apparent attempt to gauge vulnerability for a future attack.  Read more…

NSA cyber tools obtained by Russian hackers; possible link to Kaspersky software

Cyberscoop reports that Russian spies hacked an NSA employee’s home computer via Kaspersky Lab antivirus software on the PC, and classified NSA information and cyber tools and code were compromised. Read more…

New DHS Sec has unique cyber and homeland security credentials

White House Deputy Chief of Staff Kirstjen Nielsen is President Trump’s pick to become Secretary of Homeland Security. Next Gov reports on Nielsen’s extensive cyber security background and experience in homeland security issues. Read more…

Cyber dashboard will give DHS ability to assess vulnerabilities in other departments and agencies

Next Gov says the Department of Homeland Security is preparing to activate a cyber dashboard which will allow DHS officials to see what software is running in other non-defense agencies, as well as potential vulnerabilities.  Read more…

FedRAMP Tailored to provide faster cloud approvals

According to GCN, the Federal Risk and Authorization Management Program is now offering FedRAMP Tailored, which will provide quicker approval for cloud service providers with low-impact software-as-a-service offerings. Read more…

Pentagon pushes hard for accelerated shift to cloud

Defense Systems reports that the Deputy Secretary of Defense has issued a memo directing all of DoD to move aggressively to accelerate migration to cloud technologies and to use commercial sector IT innovations whenever possible. Read more…

New CYBERCOM planning cells to coordinate offensive, defensive cyber ops

C4ISR & Networks says the U.S. Cyber Command has stood up Cyber Operations-Integrated Planning Elements, forward-deployed planning cells within the combatant command staffs, to help coordinate both offensive and defensive cyber operations.  Read more…

Congress pushing for cyber help to small businesses using NIST Cyber Framework

According to The Hill, the U.S. House of Representatives has joined the Senate in approving similar bills requiring NIST and other agencies to work to give cybersecurity guidance, tools and best practices to small businesses choosing to use the NIST Cyber Security Framework.  Read more…

Survey: Cloud user exposures increasing, negligence continues

Dark Reading reports on a new “Cloud Security Trends” survey which finds that more businesses using cloud services are accidentally exposing their data, and that they are also negligent in addressing cloud vulnerabilities and the risks of compromised users. Read more…

GAO: Federal agencies still have infosec flaws, haven’t acted on previous recommendations

FedScoop reports on a new GAO study which concludes numerous federal agencies are weak in five key information security control areas, and criticizes agencies for not having moved to implement previous recommendations to address such deficiencies.  Read more…

Over half of U.S. companies report being hacked; increased spending required to offset damage

Over fifty percent of American businesses reported that they were hacked over the past year, according to a new survey, and Fifth Domain reports that these companies subsequently spent “a considerable sum of money” in addressing the resulting damage. Read more…

FDIC Inspector General: Over 50 suspected or confirmed breaches, flawed practices still exist

The FDIC’s Office of Inspector General reports the agency had 54 suspected or confirmed breaches in the past two years, but it took over nine months on average to notify the roughly 113,000 potentially impacted individuals.  According to Dark Reading, the OIG criticized several other FDIC cyber practices.  Read more…

IRS legacy systems pose ongoing and significant challenges

According to a report by Federal News Radio, the IRS’s continued reliance on outdated legacy IT systems, including some of the oldest systems in the federal government, poses greater challenges than the ongoing effort to consolidate legacy IT systems into one commercial off-the-shelf platform.  Read more…

Annual NASCIO survey shows states adopting shared services model, cyber framework

GCN reports on an annual survey of state CIOs which found that a shared services model is quickly becoming a new normal for states. It also found that 95 percent of the CIOs have adopted a cybersecurity framework based on national standards and guidelines, up from 78 percent a few years ago. Read more…

Global biometrics, identity management market growth to remain strong

A new Research and Markets report says the global biometrics and identity management market is projected to grow by over 19 percent annually (compounded) through the year 2025. Key factors include increasing government adoption of biometrics systems and biometric tech advances, and continued growth in BYOD.  Read more…

Robert DuPree

Robert DuPree is the manager of government affairs at Telos Corporation. Follow him on Twitter: @RFDuPree

The Empower and Protect Blog brings you cybersecurity and information technology insights from top industry experts at Telos.

https://multimedia.telos.com/blog/cyber-security-news-review/
