Cybersecurity Recap September 2020

Curated cybersecurity news

summary for facility management professional, building owners and IT professionals who are interested in building security and Facility IT.

The NSA Makes Ghidra, a Powerful Cybersecurity Tool, Open Source

No one's better at hacking than the NSA. And now one of its powerful tools is available to everyone for free.

Agency develops advanced hacking tools in-house for both offense and defense—which you could probably guess even if some notable examples hadn't leaked in recent years. But on Tuesday at the RSA security conference in San Francisco, the agency demonstrated Ghidra, a refined internal tool that it has chosen to open source. And while NSA cybersecurity adviser Rob Joyce called the tool a "contribution to the nation’s cybersecurity community" in announcing it at RSA, it will no doubt be used far beyond the United States. Read More

Cybersecurity lessons learned from data breaches and brand trust matters

The COVID crisis has not changed the cybersecurity fundamentals. What will the new normal be like? While the COVID pandemic has turned business and society upside down, well-established cybersecurity practices – some known for decades – remain the best way to protect yourself. Read More

Cybersecurity Risk Management Process

Why is managing cyber risk so much harder today than ever before? First, Start with the explosion of cloud services and third-party vendors contacting sensitive data. Second, organizations face a growing number of laws and regulations that govern how confidential data must be protected. And third, COVID-19 pandemic with employees working remotely on unsecured networks, scrambled security protocols, and recession-driven budget and staffing cuts. 

So, facing this multitude of obstacles, how can your organization hope to manage risk today? This article will address all three, but first, let’s begin by examining the current state of cybersecurity risk management. Learn More

Cybersecurity Authorities Issue Joint Advisory on Security Incident Detection and Response

The cybersecurity authorities of Australia, Canada, New Zealand, the United Kingdom, and the United States have issued a joint advisory highlighting technical approaches to uncovering malicious cyberactivity, with suggested mitigation practices. Recommended approaches include analyzing data in various ways to identify normal traffic patterns, so that anomalous activity stands out. In addition, the advisory lists investigative steps to help spot suspicious activity. Learn More

Without robust cybersecurity systems, smart cities are flawed, writes Haider Pasha, chief security officer for the Middle East and Africa at Palo Alto. 

Smart cities must be ‘secure by design’. Connected systems for first responders, environmental controls, public internet access, traffic management, green energy and more must be based on rock-solid, intuitive and automated security protocols and policies from the start. Read More

Pandemic exacerbates NASA cybersecurity challenges

A shift to remote working caused by the coronavirus pandemic has created new cybersecurity challenges for NASA, agency officials said at a Sept. 18 House hearing. 

Jeff Seaton, NASA acting chief information officer, told the House space subcommittee Sept. 18 that the agency has taken steps to improve both cybersecurity and overall IT infrastructure during the pandemic. Credit: House Science Committee webcast Read More

Also in Cimetrics News