Public Sector Cybersecurity Weekly Briefing 01-12-2018

Experts Say US Should Expect More Iranian Cyberattacks
In order to guard against such attacks, the U.S. government should increase the security of infrastructure and deepen cooperation with allies and nongovernmental organizations that have been targeted by Tehran’s cyber operations, they argue in a new report from the Carnegie International Endowment for Peace.

 

Elections are a Cybersecurity Problem
We know, beyond doubt, that prior attempts at penetrating election infrastructure have been made.  We know as well that “the machines…Americans use at the polls are less secure than the iPhones they use to navigate their way there.” Indeed, as Bruce Schneier has noted, vulnerabilities in electoral systems are widespread across the diverse locally managed systems that comprise the U.S. election infrastructure.  Many are, for example, running “severely outdated operating systems like Windows XP, which has not been patched . . . since 2014.”

 

The Year Ahead in Cybersecurity Law
These cases and bills highlight the fact that the patchwork of old laws and regulations – across the United States and across every industry – are having a difficult time keeping up with rapidly developing technology, particularly when they have to balance privacy rights with law enforcement needs. This year, some of the biggest issues to watch will be data disclosures to law enforcement, civil liability for data breaches, and board-level responsibility for data security.

 

House Passes Homeland Security Cybersecurity Oversight Bill
The legislation passed Tuesday would specifically require the Department of Homeland Security, which is now known to have a seat at the table in VEP, to report to Congress on the policies and procedures by which previously unknown vulnerabilities are disclosed to the private sector. Lawmakers passed the bill in a voice vote Tuesday afternoon.

 

Safe Cities: Citizens Want to Interact Online with Police 
Nearly all of residents of four major US cities are willing to use online digital media to submit evidence to law enforcement agencies, suggesting the need for more interactive platforms to promote the exchange of information between police and citizens, according to a new survey sponsored by Unisys Corporation.

 

Why the Cybersecurity Industry is Failing Government
For many on the agency side, enough is getting to be too much. It’s not that these buyers aren’t interested in products tested first in the commercial marketplace – to the contrary, that’s clearly the buying trend in government. But if you are just trying to expand your market share by treating the government as just another customer, save your time. Many of the summit panelists said flat-out that a lack of mission knowledge is a deal-breaker for product purchases.

 

Stay up to date on the Public Sector Information Security news that you need to know by signing up for our Public Sector Briefing Here.

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.

//]]>