summary for facility management professional, building owners and IT professionals who are interested in building security and Facility IT.
Agencies will require software vendors to self-certify that they’re following secure development practices under new White House guidance, but it leaves the door open for departments to mandate third-party security assessments as well.
The new guidance from the Office of Management and Budget, “Enhancing the Security of the Software Supply Chain through Secure Software Development Practices,” stems from last year’s cybersecurity executive order.
It applies to agencies’ use of third-party software, in turn affecting the vast array of contractors and software producers in the federal procurement ecosystem. Learn More
The White House tasked the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency to play a key role in deploying new cybersecurity guidelines the Biden administration rolled out Wednesday.
CISA will work with the Office of Management and Budget to create a “common form” that U.S. departments will use to show that software vendors have attested the technology they are selling to the government meets National Institute of Standards and Technology security guidelines. Read more
When it comes to openness in technology, people first think of open source software. But IT professionals can (and should) explore another avenue of openness: open security.
Open security may sound like an oxymoron for many in the cybersecurity field. After all, many security vendors today employ secrecy to guard their threat detection and response methods. But the consequence of this secrecy has created a dangerous monoculture in security, characterized by a general lack of transparency, black-box products, and poor integrations. The prioritization of vendor competition over collaboration to safeguard users further supports the asymmetric advantage held by attackers and ensures one breach can take down an entire ecosystem. Learn More
Artificial intelligence is playing an increasingly important role in cybersecurity — for both good and bad. Organizations can leverage the latest AI-based tools to better detect threats and protect their systems and data resources. But cyber criminals can also use the technology to launch more sophisticated attacks.
The rise in cyberattacks is helping to fuel growth in the market for AI-based security products. A July 2022 report by Acumen Research and Consulting says the global market was $14.9 billion in 2021 and is estimated to reach $133.8 billion by 2030. Learn More
With the right approach and IT infrastructure, employees can become one of the most effective security controls. The key to creating an influential cybersecurity culture is recognizing that people can represent a formidable first line of defense in safeguarding against cyberattacks. Read More
The Cybersecurity and Infrastructure Security Agency (CISA) today announced it will host its 5th Annual Cybersecurity Summit on Tuesday, October 4th in Atlanta, Georgia.
Held in partnership with the Atlanta University Center Consortium (AUCC), the world’s oldest and largest consortium of historically Black colleges and universities, the all-day event will bring together cybersecurity experts and thought leaders from across government, industry and academia for a meaningful dialogue on the state of cybersecurity worldwide and the issues and challenges facing critical infrastructure.
“For the first time ever, we’re taking CISA’s Annual Cyber Summit on the road to the great city of Atlanta to help spread the message that every American has a role to play in the defense of our nation’s cyber landscape,” said CISA Director Jen Easterly. “As a hub for both cybersecurity education and a thriving corporate community, I couldn’t think of a better place than the city of Atlanta to host our annual summit.” Read More
Comments will be approved before showing up.