Summary for facility management professionals, building owners and IT professionals who are interested in building security and Facility IT.
Introducing the Managed BACnet Primer, a document created by BAS industry collaboration to provide holistic cybersecurity for BAS systems. Managed BACnet is an industry-wide, interoperable, and resilient framework to manage BAS/OT systems and devices securely, using IT infrastructure and best practices, from small single commercial buildings to multi-site global portfolios. Learn more in Managed BACnet Primer
Could 2021 be the year that healthcare finally gets smart about cybersecurity? Many in the industry say real change needs to happen as the situation has become a matter of life and death. Learn More
The IoT Cybersecurity Improvement Act has been officially signed into law. The bipartisan legislation, sponsored by Reps. Robin Kelly, D-Ill., and Will Hurd, R-Texas, and Sens. Mark Warner, D-Va., and Cory Gardner, R-Colo., requires that any IoT device purchased with government money meet minimum security standards.
Reportedly, the Act would address the supply chain risk to the federal government stemming from insecure IoT devices by establishing light-touch, minimum security requirements for procurement of connected devices by the government, and specifically. Learn More
Interestingly, a similar question was also recently posed by CISO extraordinaire Daniel Hooper on LinkedIn. He asked, “CISO friends, what’s the one thing you wish you had in your program?” and the replies he got ranged from the practical, to the esoteric, to the really funny, but all were very telling.
Here are the top 3 wishes taken from what we heard from the CISOs we spoke with directly, combined with the comments from this LinkedIn thread: Learn More
New model shows why countries that retaliate too much against online attacks make things worse for themselves. Read More
As companies increasingly adopt remote workforce models and implement new technologies as a result of the pandemic, the demand for cybersecurity experts has accelerated, presenting workers a chance to reskill themselves for those jobs, Thomas Russell, cyber education program manager for the National Cybersecurity Center, told EdScoop. Read More
NIST released a draft on Identifying and Estimating Cybersecurity Risk for Enterprise Risk Management. In particular, the draft provides information on risk guidance, identification, and analysis, while offering examples and information to illustrate risk tolerance, risk appetite, and methods for determining risks. Read More
SolarWinds exposed its FTP server credentials in a public GitHub repo; the exposure was identified by cybersecurity expert Vinoth Kumar, who reported it to SolarWinds in 2019. Did some poor security practices lead to the US Government breach? Read More