Cyber attacks against government agencies and businesses in the United States continue to rise, and cyber threats will one day surpass the danger of terrorism to the United States, FBI Director Mueller reported today in a recent open hearing of the Senate select intelligence community. READ MORE
Recently in NEWS... Category
"Russia and China are aggressive and successful purveyors of economic espionage against the United States," and "Iran's intelligence operations against the United States, including cyber capabilities, have dramatically increased in recent years in depth and complexity." ... testimony by Director of National Intelligence James Clapper in his prepared testimony (.pdf) to the Senate Select Committee on Intelligence. READ MORE
Director Clapper's prepared statement (.pdf)...
Director Clapper's prepared statement (.pdf)...
The Security and Exchange Commission has now mandated that cyber-incident related disclosures must be made in securities filings. Now, every company under the watchful eye of the agency must disclose its analysis of exposure to a data breach or attack, discussion of material cyber-incidents, description of related legal proceedings and the implications for the firm's financials. READ MORE
SEC Disclosure Guidance
SEC Disclosure Guidance
America the Vulnerable: Inside the New Threat Matrix of Digital Espionage, Crime, and Warfare
Joel Brenner, a former Director of Counterintelligence in the office of the Director of National Intelligence. goes behind the headlines to explore America's next great battleground: digital security. An urgent wake-up call that identifies our foes; unveils their methods; and charts the dire consequences for government, business, and individuals. MORE at Amazon.com ...Auditing Cloud Computing: A Security and Privacy Guide
The auditor's guide to ensuring correct security and privacy practices in a cloud computing environment provides necessary guidance to build a proper audit to ensure operational integrity and customer data protection, among other aspects, are addressed for cloud based resources. The book includes a chapter written by SF Bay InfraGard member and Member of the chapter's Board of Directors, Jeff Fenton! MORE at Amazon.com
A recent article in Nextgov.com reports that in late 2011 a Pacific Northwest transportation entity observed a potential "cyber incident" and reported the incident to DHS/TSA and the FBI. READ MORE
UPDATE: Jan 26, 2012
Railroad Association Says Hack Memo Was Inaccurate
"Extraordinary Claims Require Extraordinary Evidence" ...
I was hoping to see some discussion on this on the secure InfraGard site but alias, nothing!
UPDATE: Jan 26, 2012
Railroad Association Says Hack Memo Was Inaccurate
A government memo saying a railway was hacked in a targeted attack was incorrect, according to a spokeswoman for the Association of American Railroads.
"There was no targeted computer-based attack on a railroad,"
according to spokeswoman Holly Arthur. "The memo on which the story was
based has numerous inaccuracies." READ MORE
"Extraordinary Claims Require Extraordinary Evidence" ...
I was hoping to see some discussion on this on the secure InfraGard site but alias, nothing!
DigitalBond, a SCADA security company that led the
research, said ... "We felt it was important to provide tools that showed critical
infrastructure owners how easy it is for an attacker to take control of
their system with potentially catastrophic results," .Vulnerabilities were reported in widely used programmable logic controllers (PLCs) made by General Electric, Rockwell Automation, Schneider Modicon, Koyo Electronics and Schweitzer Engineering Laboratories. READ MORERELATED:
What me worry? A security researcher was able to locate and map more than 10,000 industrial control systems hooked up to the public internet, including water and sewage plants, and found that many could be vulnerable to easy hack attacks. READ MORE
DHS is taking over control of the Pentagon project that shared classified intelligence with select military contractors and their communications providers, DIB Cybersecurity Pilot.
The new arrangement puts DHS, the civilian agency responsible for facilitating the protection of private critical infrastructure, in charge of communicating with private Internet service providers. The Defense Department will continue to be the point of contact for contractors, officials said. MORE INFO
DHS Joint Cybersecurity Services Pilot (JCSP)
The new arrangement puts DHS, the civilian agency responsible for facilitating the protection of private critical infrastructure, in charge of communicating with private Internet service providers. The Defense Department will continue to be the point of contact for contractors, officials said. MORE INFO
DHS Joint Cybersecurity Services Pilot (JCSP)
The U.S. Department of Energy has announced an initiative to further protect the electrical grid from cyber attacks. The "Electric Sector Cybersecurity Risk Management Maturity" project, a White House initiative led by the Department of Energy in partnership with the Department of Homeland Security (DHS), will leverage the insight of private industry and public sector experts to build on existing cybersecurity measures and strategies to create a more comprehensive and consistent approach to protecting the nation's energy delivery system. MORE INFO
White House Blog - Protecting the Nation's Electric Grid from Cyber Threats...
White House Blog - Protecting the Nation's Electric Grid from Cyber Threats...
There are several versions of proposed cybersecurity legislation still working their way through congress, MORE INFO ...Jan 13, 2012 / UPDATE : Concerns growing that draft cyber bill gives DHS controversial authorities, MORE INFO
DHS has released a new cybersecurity strategy document with a
two-pronged approach: protecting critical infrastructure today and
building a more secure cybersecurity ecosystem for the future. READ MOREBlueprint for a Secure Cyber Future (.pdf)
