Curated cybersecurity news

summary for facility management professional, building owners and IT professionals who are interested in building security and Facility IT.

Cybersecurity Trends in The Healthcare Industry

The healthcare Industry contains private and sensitive information about millions of patients in every country. Therefore, it’s no wonder that in 2017, it was the target of over 50 percent of cyber-attacks. Loaded with identity-revealing information like social security numbers, dates of birth, billing information and, of course, health insurance information, these details can be used for any number of fraudulent actions.

High-risk behaviors expose most travelers to cyber risks

The travel industry and its customers are increasingly the targets of cyberattacks as criminals seek to monetize highly valuable travel data, according to the new IBM Security research.

Is Cybersecurity the Weakest Link in Your Supply Chain?

Manufacturers will not be able to fully realize the benefits of digital transformation without first addressing cybersecurity. The Industrial Internet of Things (IIoT) is redefining industrial manufacturing, enabling Industry 4.0 (I4R). Emerging technologies such as the IIoT, artificial intelligence (AI), machine learning (ML), and blockchain (all in the cloud) are redefining industrial supply chain management (SCM). However, with an increasing focus on IIoT-enabled supply chains, and the large repositories of sensitive data they provide, manufacturing assets and supply chains have now become a lucrative target for cyber attacks. While manufacturers can reap the many benefits of digital supply chains, it is imperative now more than ever that they pay attention to the growing concerns of cybersecurity.

However, according to Gartner, industrial managers are not paying enough attention to IIoT security, as they are not prioritizing these initiatives (Figure 1). This article will dive into the cybersecurity challenges and vulnerabilities in digital supply chains, review cybersecurity frameworks, and recommend holistic approaches to mitigate those risks.

Security for All Sizes: When Vendors Fall Out

When a security pro gets different vendor solutions to work with each other, it's a cause for celebration. Unfortunately, most security stories seem like they're written by George R.R. Martin and they don't resolve to "happily ever after" conditions. Yes, things can run well for a while, even a good long while, but there comes a day for many a partnership where the parties involved part ways and their products no longer play well with each other.

Hit by Ransomware Attack, Florida City Agrees to Pay Hackers $600,000

MIAMI — The leaders of Riviera Beach, Fla., looking weary, met quietly this week for an extraordinary vote to pay nearly $600,000 in ransom to hackers who paralyzed the city’s computer systems.

Riviera Beach, a small city of about 35,000 people just north of West Palm Beach, became the latest government to be crippled by ransomware attacks that have successfully extorted municipalities and forced them to dig into public coffers to restore their networks. A similar breach recently cost Baltimore $18 million to repair damages.

Cybersecurity Accountability Spread Thin in the C-Suite

While cybersecurity discussions have permeated board meetings, the democratization of accountability has a long way to go.
A spate of recent surveys offer indications that the philosophy that "cybersecurity is everyone's responsibility" is gaining steam in the C-suite at most large organizations. But digging into the numbers — and keeping in mind perennially abysmal breach statistics — it's clear that while awareness has broadened across the board room, accountability and action are still spread pretty thin.

Missing the Forest for the Trees: Top 5 CISO Pitfalls in Cybersecurity

Curated bi-weekly cybersecurity news summary for facility management professional, building owners and IT professionals who are interested in building security and Facility IT.

ARTIFICIAL INTELLIGENCE FOR A SMARTER KIND OF CYBER SECURITY

As IBM Security vice president of strategy and design Kevin Skapinetz stated, cybercrime has evolved to a point that it is completely different from how we used to visualize hackers. The days where hackers are isolated individuals are long gone. The threats we are dealing with now are highly organized, elaborate, and constantly changing.

State Department proposes new $20.8 million cybersecurity bureau

The State Department has sent to Congress a long-awaited plan to reestablish a cybersecurity-focused bureau it says is key to supporting U.S. diplomatic efforts in cyberspace.

The State Department’s new plan, obtained by CyberScoop, would create the Bureau of Cyberspace Security and Emerging Technologies (CSET) to “lead U.S. government diplomatic efforts to secure cyberspace and its technologies, reduce the likelihood of cyber conflict, and prevail in strategic cyber competition.”

The good, better, and best of smart building cybersecurity, according to Intel

To minimize cybersecurity risks in smart buildings, the global chip-making company Intel has provided a set of guidelines. A white paper from the company has outlined certain steps for good, better, and best protection against hackers.

Yes, Virginia, You Can Calculate ROI For Cybersecurity Budgets

Zero Trust Architecture and its Relevance in Cybersecurity.

This article discusses a rather new technology that has replaced the widely used and much popular Default Allow approach to cybersecurity. The new technology, the Zero Trust architecture is now turning quite popular among modern day enterprises. The article examines different aspects of this development and also discuss the relevance of the rapidly evolving Zero Trust architecture.

A Weak VPN Could Be More Destructive Than No VPN

In the present era, an individual’s privacy solely depends on internet security. Your banking details, your pictures, and other sensitive information are available on different channels such as social media accounts, websites, and other online platforms. Therefore, the usage of VPN has increased drastically. But are you sure your VPN is working correctly?

If not, then you might be at risk. If you are using a weak or vulnerable VPN, then you are directly putting your data into a much worse condition.

It’s time for cybersecurity to go pro bono

Curated bi-weekly news summary for facility management professional, building owners and IT professionals who are interested in building security and Facility IT.

Collaborating Around Cybersecurity

Significant coverage of cybersecurity in BAS, a must-read for anyone involved with building systems. Includes security articles from our CEO James Lee and our CTO James Butler, Fred Gordy, Marc Petock, Kevin T. Smith, Therese Sullivan, Pook-Ping Yao, and Anto Budiardjo. 

The Need for Holistic BAS Cybersecurity

In this article, Cimetrics CEO Jim Lee outlines our Secured by Cimetrics initiative to help the BAS industry gain a stronger cybersecurity posture.

Introduction to BACnet/SC - A Secure Alternative to BACnet/IP

Our CTO of Cimetrics Jim Butler gave an interview to Automated Building.com whose April theme is Holistic Cybersecurity. Cybersecurity solutions cannot be a self-serving or an isolated approach they need to be part of a Holistic solution. And one of the parts is BACnet Secure Connect (BACnet/SC) - a popular alternative to BACnet/IP in the future. Here he explains the basics of BACnet/SC. Also, you can learn more details on BACnet/SC in this video presentation link to which you can find in this article.

Our Collective Success "Cybersecurity"

Anto Budiardjo, the editor of New Deal Blog and Ken Sinclair, the editor of
AutomatedBuildings.com discuss the April Issue and the fact that "Our collective success is based on our weakest link. Our industry is inherently collaborative. We seldom work alone on a project, and partnering is our modus operandi."

Cybersecurity: The Gatekeeper to Value

The concept of Facility IT mandates that information flows securely and easily between all elements of BAS, FM and IT. The New Deal blog editor discusses that for the past three decades, the BAS industry has been steadily marching toward convergence with IT. One challenge many BAS companies have faced is how to maintain and grow their business in the midst of this process. Many, myself included, have opined that such convergence would lead to significant BAS advancements such as making buildings more efficient. Knowing BAS is a key component to improving occupant comfort, the inevitable convergence with IT is something building owners should see as a way to improve the performance and value of their core business.

6 Top Information Security Risks to Know in 2019

Every year the Information Security Forum (ISF) — a nonprofit organization dedicated to the research and analysis of security risks — releases a report called Threat Horizon that outlines the most pressing security threats. The 2019 report contains security risks that illustrate the importance, if not urgency, of updating cybersecurity measures fit for 4IR technologies.

3 security threats businesses need to prepare for by 2021

IoT and digital transformation efforts will leave more businesses vulnerable to cyberattack, according to Information Security Forum. The report highlights three top threat categories that businesses can expect to face in their day-to-day operations over the next two years, as a direct result of digital transformation efforts and technology developments.

Top 5 Cybersecurity Myth To Leave Behind In 2018

Cybersecurity is always a pressing issue for the companies. Today irrespective of the sector data is the life and blood of all the industries. A huge amount of data are being stored and their security is always a prime concern for the companies. This article outlines top 5 security myths that certainly needs to be left behind for the year 2018.