You are here

Home » Cybersecurity

Cybersecurity

President Trump Appoints Bryan Ware to Lead CISA’s Cybersecurity Efforts

The President has appointed Bryan Ware to serve as the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Assistant Director for Cybersecurity. Ware brings over 25 years of experience in advanced technology and product development to the job. Since early 2019, he served as the assistant secretary for cyber, infrastructure, and resilience policy at CISA. Beginning in October 2018, he had been serving as a senior advisor to then DHS Secretary Kirstjen Nielsen. Prior to his time with DHS, he was the CEO of Haystax, a risk consulting company.

Hacking Increasingly Used by Governments for Statecraft

In its review of a series of new books, an article published in the MIT Technology Review reflects on nation states expanding use of hacking to try to shape and bend geopolitics. The article revisits some of the most significant events of the past decade in which governments took to the digital environment to advance their objectives. It focuses mainly on activities and campaigns undertaken by Russia. These include Russia’s campaigns against the 2016 U.S.

When it Comes to Operational Technology, Old Networks Need to Learn New Tricks

Noting that his company’s most recent landscape threat report cybercriminal target vulnerabilities ten or more years old more than they target new ones, an analyst with cybersecurity firm Fortinet emphasizes the importance of companies utilizing operational technology (OT) to improve the security of their systems. He observes that this is especially warranted given that OT systems are often old and have been left unmanaged for many years – making them among the most vulnerable assets in any organization – and the rise of OT’s convergence with information technology (IT) systems.

New Data Breach Notification Laws in Effect in Three States

Companies in Texas, Illinois, and Oregon have new notification obligations if they experience a data breach, under amendments to state laws that went into effect on January 1. All 50 states and the District of Columbia require companies to notify people of security breaches of personal information, but states have been updating data breach notice statutes in recent years to broaden the definition of personal information and change requirements for when and how to notify affected individuals or the state attorney general.

New California Digital and IoT Security Law May Set a National Standard

The California Consumer Privacy Act (CCPA) went into effect on January 1, potentially marking the dawn of a new age for digital privacy and Internet of Things (IoT) device security. Under the law, Californians now have the right to request, review, and erase their digital profiles – personal information that has been collected by businesses. The law applies to any company that interacts with a California resident. While CCPA creates unparalleled digital privacy rights, it places the burden of responsibility on the consumer and not the business.

Advice from DHS’s CISA on Securing New Internet Connected Devices

The U.S. Department of Homeland Security’s (DHS’s) Cybersecurity and Infrastructure Security Agency (CISA) has posted an advisory on how to secure new internet connected devices. As described in the advisory, these devices include smart cameras, TVs, watches, phones, and tablets, all of which are popular gifts during the holiday season. Of course, this means that many people are likely to have recently come into possession of such devices. In some cases, they may be bringing these devices to work, potentially introducing new security vulnerabilities to their organizations.

Pages

Subscribe to Cybersecurity