Tel: +1-617-350-7550

November Cybersecurity News 2022

November Cybersecurity News 2022

November 17, 2022

Curated cybersecurity news

summary for facility management professional, building owners and IT professionals who are interested in building security and Facility IT.

 

What is new in November, 2022 in Cybersecurity?

Cybersecurity issues in retail and smart cities

Cybercrime’s prevalence and costs are significant. The UN reported that cybercrime skyrocketed by 600% during the pandemic, a result of an almost overnight reliance on digital working, shopping, and communication. There was a 10% increase in the average total cost per security breach from 2020 to 2021, while a McAfee report estimates that the global cost of cybercrime has now reached over US$1 trillion. 

Easy targets: smart retail and smart cities 

The need for vigilant cybersecurity measures is paramount. The retail sector has proven especially vulnerable. Trustwave reports that retail is on the receiving end of 24% of all cyberattacks, more than any other industry. Read More

Cybersecurity: Secret Service Has Made Progress Toward Zero Trust Architecture, but Work Remains

With the ever-increasing threat of cyberattacks, the Secret Service is adopting a "zero trust" approach to cybersecurity. This "zero trust architecture" requires constant verification of everything that's trying to connect to an organization's IT systems.

The Secret Service developed a plan to implement this with 4 milestones, such as assessing agency IT systems against federal guidance and implementing cloud services. But the agency created this plan before federal "zero trust" guidance was issued and hasn't updated its plan to reflect this guidance. Learn More

Cimetrics Releases the Manufacturers’ Guide to BAS Cybersecurity for BACnet System

The White House tasked the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency to play a key role in deploying new cybersecurity guidelines the Biden administration rolled out Wednesday.

CISA will work with the Office of Management and Budget to create a “common form” that U.S. departments will use to show that software vendors have attested the technology they are selling to the government meets National Institute of Standards and Technology security guidelines. Read more

How To Take A Multi-Layered Approach To Cybersecurity

To start, conduct a thorough risk assessment to identify and characterize threat sources—who they are, where they may come from and what they may look like. Once you have your potential threat sources identified, identify vulnerabilities in your organization. This could include lines of business where data leaks may be more prevalent or types of technology that would normally be overlooked in an assessment.

What are the extra steps you need to take to help ensure data is secure from malicious actors? Read more       

Biden-⁠Harris Administration Accomplishes Cybersecurity Apprenticeship Sprint

As a result of the Sprint, 194 new cybersecurity Registered Apprenticeship programs have been approved or are under development.

Through our efforts, new and pre-existing program sponsors are expanding their programs by adding 120 cybersecurity-related occupations to pre-existing and new Registered Apprenticeship programs.
The work of the sprint has resulted in over 7,000 apprentices getting hired. Learn More

Electricity/Energy Cybersecurity: Trends & Survey Response

Trend Micro conducted a study on the state of industrial cybersecurity in the oil and gas, manufacturing, and electricity/energy industries in 2022. Based on the results of a survey of over 900 ICS business and security leaders in the United States, Germany, and Japan, we will discuss the characteristics of each industry, the motivations and environmental factors that will drive future cybersecurity improvements. We will also introduce Trend Micro's proposals based on the industry's current state, focusing on manufacturing & production. Read More

CISA wants to change how organizations prioritize vulnerabilities

Vulnerability management is a whac-a-mole pursuit for many organizations, but federal authorities are trying to change that.

The Cybersecurity and Infrastructure Security Agency on Thursday released its guide for Stakeholder-Specific Vulnerability Categorization and outlined three areas of focus for continued improvement.

The vulnerability-patch cycle places a heavy burden on cybersecurity professionals, and many organizations struggle to identify and patch the vulnerabilities that are most critical to their business and risk profile. Read More



Leave a comment

Comments will be approved before showing up.


Also in Cimetrics News

October Cybersecurity news 2022
October Cybersecurity news 2022

October 16, 2022

October is Cybersecurity Awareness month, Manufacturers' Guide to BAS Cybersecurity for BACnet System, Cybersecurity matters for utilities and more...

Read More

August/September 2022 Cybersecurity news
August/September 2022 Cybersecurity news

September 15, 2022

White House releases post-SolarWinds federal software security requirements, CISA to develop ‘self-attestation’ cybersecurity standards for federal software vendors, Building A Cybersecurity Culture In Your Organization

Read More

July 2022 Newsletter
July 2022 Newsletter

August 01, 2022

SecuredByCimetrics (SbC) explained,

Read More