May 26, 2021
summary for facility management professional, building owners and IT professionals who are interested in building security and Facility IT.
Any time is too long, but hackers are finding ways to wander through networks unseen for longer than you might expect. Cyberattackers on average have 11 days after breaching a target network before they're being detected, according to UK security firm Sophos – and often when they are spotted it's because they've deployed ransomware. Read more
The Professional Services Council has called on Congress to provide funding for cybersecurity and information technology modernization efforts as it drafts an infrastructure package that would coincide with the Biden administration’s American Jobs Plan.
The SolarWinds breach and other recent cyberattacks and the new executive order on cybersecurity highlight the “need for resources to adapt and operate securely in the continuously changing threat environment,” David Broome, executive vice president for government relations at PSC, wrote in a letter to House and Senate leadership. Learn More
As the East Coast suffered from the effects of a ransomware attack on a major petroleum pipeline, President Biden signed an executive order on Wednesday that placed strict new standards on the cybersecurity of any software sold to the federal government.
The move is part of a broad effort to strengthen the United States’ defenses by encouraging private companies to practice better cybersecurity or risk being locked out of federal contracts. But the bigger effect may arise from what could, over time, become akin to a government rating of the security of software products, much the way automobiles get a safety rating or restaurants in New York get a health safety grade. Learn More
On Wednesday May 12, President Biden signed an extensive executive order (EO) on improving the United States’ cybersecurity stature. The E.O. is directed at US federal departments and agencies, and federal contractors, but its impact and resultant standards will likely have a much broader impact across global critical infrastructure sectors and related technology suppliers.
And while the directives contemplated in the E.O. will technically apply only to US federal departments, agencies, and their technology suppliers, it’s likely that they will also be adopted by broader categories of buyers and suppliers across critical infrastructure to be used as a “north star” for security expectations. Learn More
On January 11, antivirus company Bitdefender said it was “happy to announce” a startling breakthrough. It had found a flaw in the ransomware that a gang known as DarkSide was using to freeze computer networks of dozens of businesses in the US and Europe. Companies facing demands from DarkSide could download a free tool from Bitdefender and avoid paying millions of dollars in ransom to the hackers.
But Bitdefender wasn’t the first to identify this flaw. Two other researchers, Fabian Wosar and Michael Gillespie, had noticed it the month before and had begun discreetly looking for victims to help. By publicizing its tool, Bitdefender alerted DarkSide to the lapse, which involved reusing the same digital keys to lock and unlock multiple victims. The next day, DarkSide declared that it had repaired the problem, and that “new companies have nothing to hope for.”
“Special thanks to BitDefender for helping fix our issues,” DarkSide said. “This will make us even better.”
DarkSide soon proved it wasn’t bluffing, unleashing a string of attacks. Read More
British schools will be able to improve their defense against online attacks through new training created for teachers and staff by the U.K.’s cyber experts.
The National Cyber Security Centre (NCSC) – a part of GCHQ – has released free cyber security training for school staff, which sets out real-life incident case studies and four practical steps staff can take to protect themselves online. Read More
Breaking into the tech sector remains phenomenally difficult for most of the world. While talent is equally distributed, the pathways to opportunities are most certainly not, evidenced by the lack of cultural, geographic, socioeconomic, gender and racial diversity in the industry.
One reason cybersecurity is uniquely well suited to democratizing access is that there are no barriers to getting started. Read More
The world is adopting technology more and more every day, and our digital security is also becoming more crucial than ever as a result. The protection of our data, programs, and digital information is becoming vital now that everything is stored online on the cloud. Cybersecurity professionals with specific skills play a chief role in keeping our security and security of our business and organization intact.
Security professionals in the IT industry with expertise in application development security, cloud computing, risk management will have the most employment opportunity in 2021 and beyond. The also predicts cloud security expertise grabs the prime salary boost of $15,025 in 2021. Read More
Comments will be approved before showing up.
January 29, 2024