July 27, 2021
summary for facility management professional, building owners and IT professionals who are interested in building security and Facility IT.
A successful ransomware attack on a single company has spread to at least 200 organizations and likely far more, according to cybersecurity firm Huntress Labs, making it one of the single largest criminal ransomware sprees in history.
The attack is believed to be affiliated with the prolific ransomware gang REvil and perpetuated through Kaseya, an international company that remotely controls programs for companies that, in turn, manage internet services for businesses. Learn More
Ransomware has been front-page news this year, with massive attacks on the Colonial Pipeline and the global meat-producer and supplier JBS. Over the 4th of July weekend, there was an attack on Kaseya, a technology company few people outside the managed services industry had ever heard of. But while Kaseya is a relatively small company, it provides a powerful case study. The way Kaseya responded to their ransomware attack can offer some helpful insights for what to do if you are attacked. Read more
In its version of the 2022 defense authorization bill, the Senate Armed Services Committee called for more cyber authorities and domestic production of critical materials.
The committee's bill includes a $268.4 million increase to the $10 billion budget request to support the Defense Department's cybersecurity efforts. It also requires DOD to assess its policy and capabilities needed to defend against ransomware attacks and directs the defense secretary to develop a pilot program focusing on the viability of teaming with "internet ecosystem companies to discover and disrupt the use of their platforms, systems, services, and infrastructure by malicious cyber actors," according to an executive summary of the bill. Learn More
Every facility manager should be able to answer these crucial questions about the cybersecurity of their facility systems. How vulnerable are your facility systems to cyberattacks? Can bad actors hack into your building automation systems (BAS) and then gain access to sensitive information technology (IT) data? As building system technology continues to emerge and mature, facility managers, operators, and occupants are becoming increasingly reliant on the internet of things (IoT) and related technologies and applications. The continued convergence of IT and operational technology (OT) highlights the need for comprehensive cybersecurity strategies. Learn More
Mitre releases its list of the most dangerous software weaknesses, detailing the most common vulnerabilities which can give cyber criminals the ability to access machines to steal data or cause crashes. Read More
In the wake of the ransomware attack against Colonial Pipeline and other recent major cybersecurity incidents, in a rare show of bipartisanship the U.S. Congress is pushing forward with a number of bills to stem the tide of cyberattacks against private-sector targets. The legislation is aimed at countering threats posed to critical infrastructure and other facets of the U.S. economy by cyber criminals. Read More
Nearly three months after a cyberattack against a prominent petroleum products distributor on the East Coast, groups representing various infrastructure sectors called for robust methods to protect the country’s freight and mobility grids.
Enhancing the government’s efforts to secure critical infrastructure from cyberattacks will require long-term investments and coordinated strategies, stakeholders told a Senate panel July 21. Read More
Women in Cybersecurity (WiCyS), an organization devoted to recruiting, retaining and advancing women in the cybersecurity field, has expanded its Cybersecurity Training Scholarship Program thanks to funding from Google, Facebook and Bloomberg. Read More
Comments will be approved before showing up.
December 18, 2024
2024 in retrospect: Lessons learned and cyber strategies shaping future of critical infrastructure, Office of the National Cyber Director Publishes the Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure, The best Cybersecurity advice in 2024 and more...
November 26, 2024
October 30, 2024