Cybersecurity Recap December 2020

December 15, 2020

Curated cybersecurity news summary for facility management professionals, building owners, and IT professionals who are interested in building security and facility IT.


Happy upcoming holidays! What is new in cybersecurity in this last month of the year?


Managed BACnet Introduction

Introducing the Managed BACnet Primer, a document created by BAS industry collaboration to provide holistic cybersecurity for BAS systems. Managed BACnet is an industry-wide, interoperable, and resilient framework to manage BAS/OT systems and devices securely, using IT infrastructure and best practices, from small single commercial buildings to multi-site global portfolios. Learn more in the Managed BACnet Primer.

Healthcare: From weaponized AI to threats against the vaccine rollout, here are 6 cybersecurity trends to watch in 2021

Could 2021 be the year that healthcare finally gets smart about cybersecurity? Many in the industry say real change needs to happen as the situation has become a matter of life and death. Learn More

IoT Cybersecurity Improvement Act signed into law

The IoT Cybersecurity Improvement Act has been officially signed into law. The bipartisan legislation, sponsored by Reps. Robin Kelly, D-Ill., and Will Hurd, R-Texas, and Sens. Mark Warner, D-Va., and Cory Gardner, R-Colo., requires that any IoT device purchased with government money meet minimum security standards. 

Reportedly, the Act would address the supply chain risk to the federal government stemming from insecure IoT devices by establishing light-touch, minimum security requirements for procurement of connected devices by the government, and specifically. Learn More

A CISO’s Cybersecurity Wishlist

Interestingly, a similar question was also recently posed by CISO Extraordinaire, Daniel Hooper on LinkedIn. He asked, “CISO friends, what’s the one thing you wish you had in your program?” and the replies he got ranged from the practical, to the esoteric, to really funny, but all were very telling.

Here are the top 3 wishes taken from what we heard from the CISOs we spoke with directly, combined with the comments from this LinkedIn thread: Learn More

A free suite of cybersecurity products for schools

Cyber Defense Support for Public K-12 Schools: The Multi-State Information Sharing and Analysis Center® (MS-ISAC®) is the focal point for cyber threat prevention, protection, response, and recovery for the nation’s state, local, territorial, and tribal (SLTT) governments. Membership is open to all K-12 public schools in the U.S.

A division of the Center for Internet Security® (CIS®), the MS-ISAC collaborates and shares cybersecurity information among its 10,000 members, the U.S. Department of Homeland Security (DHS), and private sector partners.

This network is an extremely beneficial resource to keep educational institutions informed of the latest cyber threats. By joining the MS-ISAC, K-12s join more than 2,000 public schools and districts who share cybersecurity information to improve their readiness against common threats at no cost. Read More

MIT: A better kind of cybersecurity strategy

New model shows why countries that retaliate too much against online attacks make things worse for themselves. Read More

Demand for cybersecurity training grew during pandemic, says National Cybersecurity Center

As companies increasingly adopt remote workforce models and implement new technologies as a result of the pandemic, the demand for cybersecurity experts has accelerated, presenting workers a chance to reskill themselves for those jobs, Thomas Russell, cyber education program manager for the National Cybersecurity Center, told EdScoop. Read More

NIST: Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management (ERM)

NIST released a draft on Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management. In particular, the draft provides information on risk guidance, identification, and analysis, while offering examples and information to illustrate risk tolerance, risk appetite, and methods for determining risks. Read More

SolarWinds exposed FTP credentials in Public GitHub Repo: US Government Breach

SolarWinds exposed their FTP server credentials in a public GitHub repo, which was identified by cybersecurity expert Vinoth Kumar, who reported it to SolarWinds in 2019. Did some poor security practices lead to the US Government breach? Read More
