Public Sector Cybersecurity Weekly Briefing 02-09-2018

No, the US Won’t Respond to A Cyber Attack with Nukes
The idea that the U.S. is building new low-yield nuclear weapons to respond to a cyber attack is “not true,” military leaders told reporters in the runup to the Friday release of the new Nuclear Posture Review. […] When would the U.S. launch a nuclear attack in response to a non-nuclear event? The Defense Department says the threshold hasn’t changed since the Obama administration’s own nuclear posture review in 2010, but a draft of the new review that leaked online caused a bit of drama in its attempts to dispel “ambiguity.”

 

Penetration Testing Is a Reference Point, Not a Strategy (Originally on CSO Online)
Pen tests are valuable only if the results are properly translated into an effective overall security strategy. I’m often skeptical of survey results, but a recent survey from the 2017 HIMSS (health sector) conference, which suggests that penetration testing is a top priority, caught my eye. Add to this Gartner’s global cybersecurity group estimate of a 14 percent uptick in “security testing,” as well as an 8.5 percent increase in “consulting.”

 

Hacked at Sea: Concerns Grow for Ship, Port Cybersecurity
The entire shipping and maritime sector, a crucial part of the global economy that impacts ocean health, heard that alarm bell. It is, according to many experts, an industry that is lagging in its preparedness to face modern cybersecurity threats. As ships become more connected to online systems and controlled by software, the risks will only grow. “This summer is when everybody woke up,” then U.S. Federal Maritime Commissioner William Doyle said at the Shipping 2030 North America conference in New York City in November.

 

Lawmakers: Cyber Warfare Skills Critical for Future Military, Homeland Security
Several lawmakers agreed skills for cyber warfare, such as developing artificial intelligence, will be key for the military and other domains charged with protecting the homeland in the future. “Cyber warfare in the future, it’s not going to be hacker on hacker,” said Rep. Will Hurd, R-Texas, a former CIA officer and member of the Homeland Security committee. “It’s going to be good AI versus bad AI… and right now we are only teaching that stuff in Ph.D. programs.”

 

State Dept. Reverses Course, Plans to Launch Cyber and Digital Economy Bureau
Secretary of State Rex Tillerson plans to launch a new cyberspace and digital economy bureau, seemingly reversing course under congressional pressure after he shuttered the department’s cyber coordinator’s office in August. […] The new bureau “would cohesively unify the Office of the Coordinator for Cyber Issues and the Bureau of Economic Affairs’ Office of International Communications and Information Policy,” a State Department spokesperson said.

 

DHS Needs More Cybersecurity Workers While Also Figuring Out Where to Put Them
Shutdowns and continuing resolutions don’t just impact the military’s readiness. The Department of Homeland Security said its mission is also affected by stopgap funding. DHS deputy secretary Elaine Duke told senators her agency feels constrained and unable to begin new projects without getting new funding authorized by Congress. Claire Grady, the undersecretary for management, also said a slew of short-term CRs has delayed DHS on everything from new hiring efforts to major acquisitions.

 

Stay up to date on the Public Sector Information Security news that you need to know by signing up for our Public Sector Briefing Here.

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.