Thursday, April 02, 2020

What I'm Reading 4/2/2020

First -

I know the guys at ThreatGEN kind of casually. I went to one of their live training sessions, I play their game, I have read Hacking Exposed: Industrial Control Systems (two of the authors are principals) and a good portion of Industrial Cybersecurity (one of the officers), and at S4x20 they were gracious enough to introduce me to a number of the conference participants (because I literally know like 3 people in the cybersecurity world and none of them remember me). ANYWAY, I know these guys, I like them, and so I think it's pretty cool that they are expanding their product offerings with an Industrial Cybersecurity E-Learning Portal.



Books -

Honestly, I haven't gotten any reading done this week, so this is suspended for a few days.

Blogs / News -

Cyberscoop - North American utilities drill 'GridEx' brings record turnout — except from supply chain vendors -
A November drill involving electric utilities across North America mimicked the disruptive malware used to cut power in Ukraine in 2016, testing operators’ ability to expunge the malicious code from their systems.
The fictional scenario, revealed Tuesday in a press briefing on the exercise, saw the malware compromise the industrial control systems that utilities use to manage their operations. An electric equipment vendor helped the utilities replace some of the industrial computers that had been “bricked,” or rendered useless, by the malware. (The code was not actually executed on live systems; it was all simulated.)
The intense scenario forced participants to “start implementing their incident response plans” and “really upped the training value for many utilities,” said Matt Duncan, an official at the North American Electric Reliability Corp., the regulator that runs the biennial drill, known as GridEx.

Bloomberg - China Concealed Extent of Virus Outbreak, U.S. Intelligence Says -
China has concealed the extent of the coronavirus outbreak in its country, under-reporting both total cases and deaths it’s suffered from the disease, the U.S. intelligence community concluded in a classified report to the White House, according to three U.S. officials.
The officials asked not to be identified because the report is secret, and they declined to detail its contents. But the thrust, they said, is that China’s public reporting on cases and deaths is intentionally incomplete. Two of the officials said the report concludes that China’s numbers are fake.

Schneier on Security - Marriott Was Hacked -- Again -
Marriott announced another data breach, this one affecting 5.2 million people:

Fifth Domain - The most resilient organizations follow outcome-based cybersecurity -
Outcome-based cyber is a more holistic approach to cyber security than compliance-based cyber. Compliance-based cyber is a comforting checklist of determining a risk profile, setting controls, and measuring compliance to controls. That’s become foundational to cyber security programs, but it’s obviously not sufficient. Outcome-based cyber occurs when an organization is actively and continuously assessing their network and systems and reacting proactively and responsively to what is discovered. The U.S. government is now recognizing this in the Department of Defense’s mandate to suppliers to transition to the new Cybersecurity Maturity Model Certification (CMMC).
This evolution doesn’t remove the need for classical cyber security controls. If an organization is not following some of the NIST SP 800-53 compliant standards, including configuration and privilege management, then that organization will not be secure, and won’t meet CMMC guidance. 
