ICD Brief 61.
What nations are making progress in addressing the ticking time bombs of the Internet of Things and the electric power grid? Are you keeping moochers and spies off your Wi-Fi network? How are the mega, medium and small enterprises handling IoT and control systems? What’s the latest from the European and international police networks? Read on!
We share three outstanding features: Interviewing Veterans for Cyber-security Positions: What I Look for as a Civilian Employer by Fortinet’s Geoff Kreiling; Cybersecurity, Regulatory Regimes, and the Intersection of Threat and Innovation by Paul Hastings’ Robert P. Silvers and Sherrese M. Smith; and, just out today, How to Recover from Cyber Incidents in Government by ICD Advisor Dan Lohrmann.
“Lawmakers in the U.S. government appear to be taking more of an interest in IoT security. It’s a topic of concern for the cybersecurity community, as increasingly more devices are connected to the internet, many with potentially invasive sensors and cameras. Many of these devices are operated by non-tech-savvy users who may not know how to maintain their own device security.”
“The spear-phishing email attack on US electricity companies in September, allegedly by North Korea, was yet another in a growing barrage of cyber incidents faced by the power generating, transmission and supply industry around the world.”
“People love to mooch Wi-Fi. They don’t mean any harm. They just find an unprotected signal and sign on. Why not? It’s free, and nobody will even know. Your neighbor won’t mind if you steal a little broadband to watch Netflix, right?”
“More than a dozen US states now have cyber insurance policies.
As the threat from hackers and cybercriminals intensifies, a growing number of states are buying cyber insurance to protect themselves – and taxpayers.
“It’s expensive. It’s a big budget item for us. But it’s worth it,” said Michael Hussey, Utah’s chief information officer. “You’re seeing breaches now that cost companies and states millions and millions of dollars.”
“The Internet of Things Alliance Australia (IoTAA) has published its general guide for B2C IoT device and service providers, outlining seven principles pertaining to customer protection, accountability, customer empowerment, cyber protection, customer data transparency, data minimisation, and customer data control.”
“Australia’s relative distance from other nations has not made it invulnerable to attack, with Minister for Cyber Security, Dan Tehan, stating the nation must be on constant guard. “We are naive if we think that in Australia we are immune to [cyber attack] threats,” Mr Tehan said.”
At recent conferences, Europol has been teaming up with other organisations to ensure a joint law enforcement approach: with Interpol on the dark web and ransomware especially, and with ENISA to meet the challenge of IoT.
“To tackle the full range of cyber threats, including cyber-enabled terrorism, organised cyber crime, subversion of democratic processes and manipulation of opinion, there is an urgent need to redefine what is meant by cyber security, according to Julian King, European commissioner for security union.”
“A new German-Israeli partnership launched in Jerusalem this week promises to upgrade cybersecurity collaboration between the two countries. The Hessian Israeli Partnership Accelerator for Cybersecurity (HIPA) accelerator program will unite 16 teams of cybersecurity experts from the two countries to work on projects related to software, infrastructure and network security. The stated goal of the project is to “trigger the creation of innovation and businesses in cybersecurity in Israel and Germany.”
“Ravi Menon, managing director of the city state’s central bank, the Monetary Authority of Singapore (MAS), reportedly told The Business Times that MAS will look to introduce new cyber rules in a bid to encourage greater adoption of online and digital banking.”
“Many enterprises are complacent about IoT security according to new Forrester research, and most lack device visibility. New research has painted a grim picture for IT personnel dealing with the cyber-security aspects of the Internet-of-Things (IoT). The report from Forrester Consulting and ForeScout has found that 4 out of 5 British organisations are not confident they can see every device on their network.”
“Criminals, rather than hostile foreign powers, remain the biggest cyber-threat to businesses, the head of the Government’s National Cyber Security Centre has warned, as he urged companies to bolster their defences.”
Interviewing Veterans for Cyber-security Positions: What I Look for as a Civilian Employer, by Geoff Kreiling, Fortinet
“Over the last three years, it has been my privilege to be one of the first civilian interview experiences that candidates in our Veterans program go through. For those of you that do not know, Fortinet runs the top Veterans employment program by any pure play security vendor bar none.”
“The growing profile and cost of cyberattacks have put this issue at the top of the corporate agenda, and highlight the potential threat to the data-fuelled architecture of today’s global business environment. The dynamic nature of cybersecurity threats, their pervasiveness, and the frequency of attacks can provoke feelings of helplessness. Nothing could be further from the truth and a leadership mindset that there is nothing to be done is the biggest danger of all.”
“What actions do organizations need to take to prepare for cybersecurity incidents? The National Institute of Standards & Technology (NIST) has answers in Special Publication (SP) 800-184, entitled: “Guide for Cybersecurity Event Recovery.” Here’s an exclusive interview with one of the authors.”