Recently in REPORTS... Category

Cyber attacks against government agencies and businesses in the United States continue to rise, and cyber threats will one day surpass the danger of terrorism to the United States, FBI Director Mueller reported today in a recent open hearing of the Senate select intelligence community. READ MORE

"Russia and China are aggressive and successful purveyors of economic espionage against the United States," and  "Iran's intelligence operations against the United States, including cyber capabilities, have dramatically increased in recent years in depth and complexity." ... testimony by Director of National Intelligence James Clapper in his prepared testimony (.pdf) to the Senate Select Committee on Intelligence.  READ MORE

Director Clapper's prepared statement (.pdf)...
PLC-Vulns.jpgDigitalBond, a SCADA security company that led the research, said ... "We felt it was important to provide tools that showed critical infrastructure owners how easy it is for an attacker to take control of their system with potentially catastrophic results," .Vulnerabilities were reported in widely used programmable logic controllers (PLCs) made by General Electric, Rockwell Automation, Schneider Modicon, Koyo Electronics and Schweitzer Engineering Laboratories.  READ MORE


What me worry?  A security researcher was able to locate and map more than 10,000 industrial control systems hooked up to the public internet, including water and sewage plants, and found that many could be vulnerable to easy hack attacks.  READ MORE

DHS is taking over control of the Pentagon project that shared classified intelligence with select military contractors and their communications providers, DIB Cybersecurity Pilot.

The new arrangement puts DHS, the civilian agency responsible for facilitating the protection of private critical infrastructure, in charge of communicating with private Internet service providers. The Defense Department will continue to be the point of contact for contractors, officials said.   MORE INFO

DHS Joint Cybersecurity Services Pilot (JCSP)

QuakeSmart Toolkit

fema_p_811_dvd.jpgQuakeSmart is an initiative that was developed by FEMA NEHRP to help businesses in qslogo2.jpgat-risk seismic communities start and maintain earthquake mitigation efforts. The QuakeSmart Toolkit ( provides actionable and scalable basic guidance and tools to the private sector about the importance of earthquake mitigation and the simple things that they can do to reduce the potential of earthquake damages, injuries, and financial losses. Information contained in this toolkit walks you through a three-step process: 1) identify your risk; 2) make a plan; and 3) take action. The toolkit is not intended to be all-inclusive of available FEMA guidance related to earthquake mitigation and businesses should address all hazards they are exposed to.

This toolkit was specifically developed to encourage businesses to incorporate earthquake mitigation in their decision making and planning process to enhance their all-hazards resilience, particularly from an earthquake event. MORE INFO

If your company is located in the Bay Area you are at risk.  The SF Bay InfraGard chapter is interested in working with your company to help you better understand your risk, Contact:

Blueprint for a Secure Cyber Future

cfyber.jpgDHS has released a new cybersecurity strategy document with a two-pronged approach: protecting critical infrastructure today and building a more secure cybersecurity ecosystem for the future.  READ MORE

Blueprint for a Secure Cyber Future (.pdf)

The White House Office of Science and Technology Policy has released the Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program--a road map to ensuring long-term reliability and trustworthiness of the digital communications network that is increasingly at the heart of American economic growth and global competitiveness. OSTP Press ReleaseDOWNLOAD REPORT (.pdf)

Small Biz Cyber Planner

planner.jpgThe FCC has launched a Small Biz Cyber Planner, an online resource to help small businesses create customized cybersecurity plans. This is the result of an unprecedented public-private partnership between government experts and private IT and security companies, including DHS, NCSA, NIST, The U.S. Chamber of Commerce, The Chertoff Group, Symantec, Sophos, Visa, Microsoft, HP, McAfee, The Identity Theft Council, ADP and others.

The online tool is available at
A GAO study has determined that the Transportation Security Administration (TSA) could improve the usefulness of threat information it disseminates to transportation infrastructure stakeholders while promoting how to acquire that information to more of them. READ MORE

GAO Report, Transportation Security Information Sharing: Stakeholders Generally Satisfied but TSA Could Improve Analysis, Awareness, and Accountability (.pdf)

The Pentagon has finally laid out its most explicit cyberwarfare policy to date, stating that if directed by the president, it will launch "offensive cyber operations" in response to hostile acts.Hostile acts may include "significant cyber attacks directed against the U.S. economy, government or military,".  READ MORE

Update (Added Nov 22, 2011):

DoD Report (.pdf)...

About this Archive

This page is an archive of recent entries in the REPORTS... category.

POLICY is the previous category.

TRAINING is the next category.

Find recent content on the main index or look in the archives to find all content.


Powered by Movable Type 5.12