Cybersecurity Recap December 2020
Curated cybersecurity news
summary for facility management professional, building owners and IT professionals who are interested in building security and Facility IT.
Happy Upcoming Holidays! What is new in this last month of this year in Cybersecurity?
Managed BACnet Introduction
Introducing the Managed BACnet Primer, a document created by BAS industry collaboration to provide holistic cybersecurity for BAS systems. Managed BACnet is an industry-wide, interoperable, and resilient framework to manage BAS/OT systems and devices securely, using IT infrastructure and best practices, from small single commercial buildings to multi-site global portfolios. Learn more in Managed BACnet Primer
Healthcare: From weaponized AI to threats against the vaccine rollout, here are 6 cybersecurity trends to watch in 2021
Could 2021 be the year that healthcare finally gets smart about cybersecurity? Many in the industry say real change needs to happen as the situation has become a matter of life and death. Learn More
IoT Cybersecurity Improvement Act signed into law
The IoT Cybersecurity Improvement Act has been officially signed into law. The bipartisan legislation, sponsored by Reps. Robin Kelly, D-Ill., and Will Hurd, R-Texas, and Sens. Mark Warner, D-Va., and Cory Gardner, R-Colo., requires that any IoT device purchased with government money meet minimum security standards.
Reportedly, the Act would address the supply chain risk to the federal government stemming from insecure IoT devices by establishing light-touch, minimum security requirements for procurement of connected devices by the government, and specifically. Learn More
A CISO’s Cybersecurity Wishlist
Interestingly, a similar question was also recently posed by CISO Extraordinaire, Daniel Hooper on LinkedIn. He asked, “CISO friends, what’s the one thing you wish you had in your program?” and the replies he got ranged from the practical, to the esoteric, to really funny, but all were very telling.
Here are the top 3 wishes taken from what we heard from the CISOs we spoke with directly, combined with the comments from this LinkedIn thread: Learn More
A free suite of cybersecurity products for schools
A division of the Center for Internet Security® (CIS®), the MS-ISAC collaborates and shares cybersecurity information among its 10,000 members, the U.S. Department of Homeland Security (DHS), and private sector partners.
This network is an extremely beneficial resource to keep educational institutions informed of the latest cyber threats. By joining the MS-ISAC, K-12s join more than 2,000 public schools and districts who share cybersecurity information to improve their readiness against common threats at no cost. Read More
MIT: A better kind of cybersecurity strategy
New model shows why countries that retaliate too much against online attacks make things worse for themselves. Read More
Demand for cybersecurity training grew during pandemic, says National Cybersecurity Center
As companies increasingly adopt remote workforce models and implement new technologies as a result of the pandemic, the demand for cybersecurity experts has accelerated, presenting workers a chance to reskill themselves for those jobs, Thomas Russell, cyber education program manager for the National Cybersecurity Center, told EdScoop. Read More
NIST: Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management (ERM)
The NIST released a draft about Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management. In particular, the draft provides information on risk guidance, identification, and analysis, while offering examples and information to illustrate risk tolerance, risk appetite, and methods for determining risks. Read More
SolarWinds exposed FTP credentials in Public Github Repo: US Government Breach
SolarWinds exposed their FTP server credentials in a public Github repo, which was identified by cybersecurity expert Vinoth Kumar who reported it to SolarWinds in 2019. Did some poor security practices lead to the US Government breach? Read More
Leave a comment
Comments will be approved before showing up.
Also in Cimetrics News
Cybersecurity news August 2023
Cybersecurity news July 2023
