Tel: +1-617-350-7550

Menu 0
Cybersecurity Recap December 2020

Cybersecurity Recap December 2020

December 15, 2020

Curated cybersecurity news

summary for facility management professional, building owners and IT professionals who are interested in building security and Facility IT.

 

Happy Upcoming Holidays! What is new in this last month of this year in Cybersecurity?

 

Managed BACnet Introduction

Introducing the Managed BACnet Primer, a document created by BAS industry collaboration to provide holistic cybersecurity for BAS systems. Managed BACnet is an industry-wide, interoperable, and resilient framework to manage BAS/OT systems and devices securely, using IT infrastructure and best practices, from small single commercial buildings to multi-site global portfolios. Learn more in Managed BACnet Primer

Healthcare: From weaponized AI to threats against the vaccine rollout, here are 6 cybersecurity trends to watch in 2021

Could 2021 be the year that healthcare finally gets smart about cybersecurity? Many in the industry say real change needs to happen as the situation has become a matter of life and death. Learn More

IoT Cybersecurity Improvement Act signed into law

The IoT Cybersecurity Improvement Act has been officially signed into law. The bipartisan legislation, sponsored by Reps. Robin Kelly, D-Ill., and Will Hurd, R-Texas, and Sens. Mark Warner, D-Va., and Cory Gardner, R-Colo., requires that any IoT device purchased with government money meet minimum security standards. 

Reportedly, the Act would address the supply chain risk to the federal government stemming from insecure IoT devices by establishing light-touch, minimum security requirements for procurement of connected devices by the government, and specifically. Learn More

A CISO’s Cybersecurity Wishlist

Interestingly, a similar question was also recently posed by CISO Extraordinaire, Daniel Hooper on LinkedIn. He asked, “CISO friends, what’s the one thing you wish you had in your program?” and the replies he got ranged from the practical, to the esoteric, to really funny, but all were very telling.

Here are the top 3 wishes taken from what we heard from the CISOs we spoke with directly, combined with the comments from this LinkedIn thread: Learn More

A free suite of cybersecurity products for schools

Cyber Defense Support for Public K-12 Schools: The Multi-State Information Sharing and Analysis Center® (MS-ISAC®) is the focal point for cyber threat prevention, protection, response, and recovery for the nation’s state, local, territorial, and tribal (SLTT) governments. Membership is open to all K-12 public schools in the U.S.

A division of the Center for Internet Security® (CIS®), the MS-ISAC collaborates and shares cybersecurity information among its 10,000 members, the U.S. Department of Homeland Security (DHS), and private sector partners.

This network is an extremely beneficial resource to keep educational institutions informed of the latest cyber threats. By joining the MS-ISAC, K-12s join more than 2,000 public schools and districts who share cybersecurity information to improve their readiness against common threats at no cost. Read More

MIT: A better kind of cybersecurity strategy

New model shows why countries that retaliate too much against online attacks make things worse for themselvesRead More

Demand for cybersecurity training grew during pandemic, says National Cybersecurity Center

As companies increasingly adopt remote workforce models and implement new technologies as a result of the pandemic, the demand for cybersecurity experts has accelerated, presenting workers a chance to reskill themselves for those jobs, Thomas Russell, cyber education program manager for the National Cybersecurity Center, told EdScoopRead More

NIST: Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management (ERM)

The NIST released a draft about Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management. In particular, the draft provides information on risk guidance, identification, and analysis, while offering examples and information to illustrate risk tolerance, risk appetite, and methods for determining risks. Read More

SolarWinds exposed FTP credentials in Public Github Repo: US Government Breach

SolarWinds exposed their FTP server credentials in a public Github repo, which was identified by cybersecurity expert Vinoth Kumar who reported it to SolarWinds in 2019. Did some poor security practices lead to the US Government breach? Read More



Leave a comment

Comments will be approved before showing up.

Also in Cimetrics News

May 2022 Newsletter
May 2022 Newsletter

June 02, 2022

SbC Local Network/Security Manager, Cimetrics CEO presents Smarter Buildings presentation at Realcomm and IT Industry Technologies and Best Practices at ASHRAE annual conference, July Analytika User forum and more...

Read More

Cybersecurity News May 2002
Cybersecurity News May 2002

May 31, 2022

Cybersecurity mesh, agribusiness cybersecurity, EU Network and Information systems directive and more...

Read More

April 2022 Newsletter
April 2022 Newsletter

May 03, 2022

What is new this month with cybersecurityNational Institute of Standards and Technology (NIST) revised cybersecurity supply-chain guidance, Tenet Health cybersecurity incident, Poisoned AI, U.S. Department of Energy (DOE) cybersecurity research projects and more...

Read More