Department of Homeland Security Logo

In late July 2018, the Department of Homeland Security (DHS) announced the creation of the National Risk Management Center, a new organization dedicated to threat evaluation particularly as they pertain to potential hacking against the U.S. critical infrastructure.  According to news reports, the center will initially commence with narrowing its focus on the energy, finance, and telecommunications sectors.  This new initiative is designed to improve risk assessment across the critical infrastructures and serve as the primary “one-stop shop” to help private companies manage their cyber security risks.

 

Coinciding with this announcement is the Congress-lead “DHS Cyber Incident Response Teams Act of 2018” that seeks to create permanent incident response and threat hunting teams in the DHS.  Such a bill further empowers DHS to help improve cyber security via trained professionals to mitigate and remediate cyber incidents against Federal entities and critical infrastructure entities.  The bill passed the House of Representatives on March 19, 2018 and goes to the Senate for its consideration.

Continue reading

??? Women in cybersecurity 2018

In 2018 the number of cyber threats is rising every day, but there are still many gaps that needs to be filled in the world of cybersecurity. There is definitely a talent shortage as many people still think that there is no place for women in information security. Currently, women represent only 11 percent of the cybersecurity force worldwide.

As we already hear and read news related to cyber warfare and espionage on a daily basis, maybe it’s the right time for women in cybersecurity to step in and help to solve more related cyber problems. Although some people may say that the lack of interest is the main reason why there isn’t many women in InfoSec there is a huge potential for this to change in the future. We from CyberDB have created a list with some of the top women in cybersecurity so you can learn more about them and their accomplishments. Feel free to check it out!

Continue reading

IoT Infogram

Internet of Things (IoT) security is the latest product category to emerge in cybersecurity. Even though this is a relatively new segment of the security market, it has already diversified and includes multiple vendors.

What is IoT?

IoT is the latest group of Internet-enabled devices to be added to the technology world. At first there were mainframes, then desktops and laptops, and finally mobile devices came along. All of these products are well-defined and require no further explanation.

IoT, however, is comprised of every Internet-connected device that is not mentioned above, including smart home appliances, water meters, security cameras, smart-city devices and many more. These devices are basically miniature computers running on Linux devices, with some computing power and the ability to communicate via web protocol (i.e. they have an IP address).

Smaller, less sophisticated connected devices are also part of the IoT landscape. These often function as sensors, are equipped only with short range communication capabilities and are deployed in a mesh configuration, meaning that they communicate with the Internet using an IoT gateway, which is an industrial modem with some compute power.

Continue reading

Cyber threat

Thus far, there has been no confirmed retaliatory cyber strikes conducted by a victimized government against a suspected aggressor state.  There has been some speculation that after the Sony Pictures attack, the United States “knocked” North Korea off the Internet for a brief period of time, although this has never been corroborated.  Despite being a cyber power, the United States has demonstrated restraint in punishing against those transgressor states it believes to have been orchestrators of cyber attacks against its interests, preferring to level sanctions as a punitive alternative.

The question that governments ask is how to deter hostile acts in cyberspace?  And while an important question to raise, perhaps the reality is that there is no viable answer.  There is a reason why international efforts continually fail when trying to gain consensus on cyber norms, Internet governance, and the legalities and criteria of hacking back – there is lack of a fundamental desire to actually find a solution.  Governments willing to agree to the standards and principles of any of these issues are stating their willingness to abide by them, and while that may fit the current situation, the dynamism of cyberspace has proven unpredictable.  Being cuffed to such an agreement that no longer has relevance while other governments operate without constraints is not an ideal situation.  Therefore, without an agreement in place, the status quo remains.

Continue reading

Best Cybersecurity Books 2018

There are tons of books on our favorite topic, but it’s always impossible to squeeze them all into one cybersecurity book list. On top of that not all of them are good enough to feature them on CyberDB. We have created a list with the must-reads cybersecurity books 2018. Some of them are in print for years, but it’s never too late to read them now. If you think that we have missed something, feel free to contact us and share your recommendations! Without further delay and in no particular order here is our list:

Continue reading

Russian Flag Hacker

A recent interview of Russian President Vladimir Putin revealed insight into his – and by extension – Russia’s views concerning cyber attacks, and really the cyber domain, as a whole.  Made at a joint press briefing with France’s president, when asked about alleged interference in the 2016 U.S. presidential election, Putin remarked: “Action always causes reaction” and that “If one does not want to get a reaction he does not like, rules for actions need to be set.”  Putin pointed out that in the early days of nuclear weapons, governments had found a way to negotiate guidelines on their use, an effort that should be replicated in today’s political climate.  While not necessarily as catastrophic as nuclear weapons, the potential impact is similar in that the disruption and/or destruction of interconnected information technology can potentially impact millions of people.  The implication is certainly clear: an international understanding needs to be done sooner rather than later.

These public pronouncements of the Russian president are noteworthy as they provide insight into not only how Russia views the activities that transpire in cyberspace but express a potential avenue of engagement for world leaders to approach Russia on these issues.  Cyber norms and discussions of how states have been ongoing in international forums.  The preferred U.S. approach – via the United Nations Group of Experts in the Field of Information and Telecommunications in the Context of International Security (GGE) – notably stalled in June 2017, calling into question if this Western-preferred approach to establishing norms will succeed under this umbrella.

Continue reading

Cybersecurity podcast

In the past couple of years podcast are gaining popularity and are one of the easiest and most convenient way to learn the latest news and information.

Cybersecurity podcasts didn’t have a particular influence on the boom of podcast popularity as a whole, but there are still plenty of good shows that deserve your attention. Many IT people from simple observes to some of the biggest experts in the field have used this method to provide useful advices to the audience. Even some of the major enterprises are looking for the best cybersecurity podcasts to listen and take care for their IT infrastructure.

On CyberDB we have created a fresh list with some of the best podcasts related to cyber and information security. Check it out next time when you have some free time or even when you are stuck in traffic and want to learn something useful. These shows cover everything from simple endpoint and data security matters to comprehensive security operations and incidents. You are about to find a great range of topics, different opinions and anything that suits your listening needs. With so many great podcasts out there it’s impossible to feature them all in our list. Feel free to contact us if you want to share with us your favorite cybersecurity podcasts and include them in our list.

Continue reading

American Cyber Flag

In May 2018, the White House eliminated the position of National Cybersecurity Coordinator.  The move has been met with much pushback from some in the cybersecurity community and even politicians.  Democratic lawmakers were seeking to propose legislation to restore the position.  In a statement made by the National Security Council the move was to “streamline management in order to improve efficiency, reduce bureaucracy, and increase accountability.”  Nevertheless, given the fact that many security officials including the Director of National Intelligence have identified cyber threats as a national security priority, the removal of this position is largely considered a step backward and not forward.  However, this may be more of a kneejerk reaction than an honest assessment of the roles and responsibilities that have been undertaken by those individuals appointed to the position.

With roots starting as early as 1997, the position first emerged in 2009 and has had three individuals in the role of Cybersecurity Coordinator – Howard Schmidt (2009-2012), Michael Daniel (2012-2017), and Rob Joyce (2017-2018), who is looking to return to the National Security Agency (NSA).  The Cybersecurity Coordinator has been primarily a policy position lacking any day-to-day authority over any of the groups working on cyber security.  Critics have pointed out that while the Cyber Coordinator can make recommendations, the position has no direct authority as far as budgeting is concerned, nor can the position compel agencies to comply with guidelines.  This has been a systematic problem with the position – it can make all of the recommendations it wants, but if it cannot compel agencies to implement them within a specified amount of time, the title becomes largely ceremonial.  Government Accounting Office reports on government cybersecurity efforts consistently find shortcomings in the federal government’s approach to ensuring the security of federal information systems and cyber critical infrastructure.

Continue reading

cyber battle fatigue

There is much concern about the realities of “Cyber Battle Fatigue” – a condition resulting from a never-ending process of defending networks and sensitive information from an onslaught of cyber attacks conducted by cyber criminals, cyber espionage actors, and hacktivists. These attackers continue to use a wide variety of tactics, tools, and procedures that span from being unsophisticated to very sophisticated and continue to have more successes than failures. Two things are certain in a constantly-changing domain – that no business that operates online is immune to being targeted, and two, the cyber security talent pool is sparse, and is contributing to the cyber battle fatigue reality.

The numbers are staggering and continue to outperform previous activity. In 2017, ransomware attacks demonstrated how prolific just one type of attack was. The WannaCry outbreak impacted computers in more than 150 countries that cost approximately USD $ 4 billion. According to one U.S. IT Company, in 2017, some notable cybercrime statistics illustrate the challenges facing those network defenders:

Continue reading

Russian-hacker-group-pokemon-go

The online activities surrounding the 2016 U.S. Presidential election revealed a swath of suspicious postings on social media outlets that ranged from deliberate false information (e.g., one candidate running a child sex ring; another candidate’s followers making anti-Islam chants at a rally) to purchased ads on social media platforms like Facebook (e.g., promoting gay rights, issues related to the African-American community, immigration, to name just a few).  In some instances, candidates were attacked via purchased ads.  While there has been much furor about this, the truth is that this type of online content is nothing that people haven’t already seen.

During any campaign, negative print and media ads are often directed against political opponents, and the Internet is not bereft of millions of users willing to promote their viewpoints or engage in vociferous debate with people holding alternative or opposing viewpoints.  Social media has facilitated the ability for anyone with an Internet connection to express themselves and put forward a message to a widely dispersed audience within a specific geography.  People can either listen, ignore, support, or push back on what’s being transmitted.  The big fear that the mastermind behind all of these ads was intent on swaying constituents to vote for a particular candidate is a concern that has yet to be fully verified.

Continue reading