World Economic Forum: Dramatic Rise of Cybersecurity Risks from COVID-19 Prompts Action Plan. “In a matter of weeks, the pandemic forced the global economy and society, organizations and individuals to become more reliant than ever on the internet and the digital economy. According to the Forum’s COVID-19 Risks Outlook: A Preliminary Mapping and its Implications, cyberattacks and data fraud are considered the most likely technological risks of COVID-19 for the world, and the third of greatest concern overall owing to abrupt adoption of new working patterns. To support business leaders responsible for reinforcing the cyber resilience of their organizations in an unforeseen, instantaneous new reality, the World Economic Forum today launched The Cybersecurity Leadership Principles: Lessons learnt during the COVID-19 pandemic to prepare for the new normal.”
University of Texas at Dallas: Computer Scientists’ New Tool Fools Hackers into Sharing Keys for Better Cybersecurity. “Instead of blocking hackers, a new cybersecurity defense approach developed by University of Texas at Dallas computer scientists actually welcomes them. The method, called DEEP-Dig (DEcEPtion DIGging), ushers intruders into a decoy site so the computer can learn from hackers’ tactics. The information is then used to train the computer to recognize and stop future attacks.”
Route Fifty: FBI to Alert States About Local Election System Hacks. “The Federal Bureau of Investigation announced Thursday it will begin informing state election officials when local election systems are hacked, a policy change intended to improve cybersecurity coordination and address concerns state leaders have raised about transparency.”
University of Arizona: $3M Grant to Create Cybersecurity Modeled After Human Body. “A woman touches a hot stove, but thanks to the nervous system, she snatches her hand away before she gets too hurt. A virus enters the body, but the immune system fends off the invader before it can cause too much damage. What if our computers and smartphones could respond to security threats in the same proactive way our bodies respond to health threats?” This is not biometrics. I’m not sure how I’d describe it, but it’s not biometrics.
BetaNews: Free test checks website security and PCI DSS compliance. “Good website security is essential to give customers confidence in your business, but for smaller organizations testing can prove difficult. To address this issue, security testing and risk rating company ImmuniWeb is launching a free website security test that can be used by anyone.”
Journal of Blacks in Higher Education: Thomas Edison State University Launches the Journal of Women and Minorities in Technology . “The new publication will be an open access journal that provides quality peer-reviewed articles written by academics and professionals in the fields of aviation, nuclear technology, cybersecurity, and information technology. The articles will provide technical and soft-skills information needed to excel in the field of technology, with an emphasis on women, African Americans, and other professionals from underrepresented groups.”
Michigan State University: Putting Understudied Terrorists Under A Microscope. “Bombs exploding, hostages taken and masked gunmen firing machine guns are all types of terrorist attacks we’ve seen. According to new Michigan State University research, it’s the attacks we don’t see – cyberattacks – that happen more often and can cause greater destruction.”
Pew Global: International Publics Brace for Cyberattacks on Elections, Infrastructure, National Security. “As the pace and magnitude of cyberattacks have increased around the world, a new survey shows that people in multiple countries think it is likely that government data, public infrastructure and elections will be targeted by future hacks. Opinion is mixed, however, on whether their nations are prepared for such events.”
MIT Technology Review: Crowdsourcing the hunt for software bugs is a booming business—and a risky one. “This cybersecurity gig economy has expanded to hundreds of thousands of hackers, many of whom have had some experience in the IT security industry. Some still have jobs and hunt bugs in their spare time, while others make a living from freelancing. They are playing an essential role in helping to make code more secure at a time when attacks are rapidly increasing and the cost of maintaining dedicated internal security teams is skyrocketing .”
CNET: White House reportedly eliminates top cybersecurity role. “Politico, The Hill and CNN report that the Trump adminstration has eliminated the White House position of cybersecurity coordinator, a role President Obama first established in 2009, at a time when hacks and cybersecurity threats weren’t as commonplace as they are today.” This is a terrible idea, and I’d be saying that even if we had President Fred Rogers.
Politico: Bolton pushing to eliminate White House cyber job. “President Donald Trump’s national security team is weighing the elimination of the top White House cybersecurity job, multiple sources told POLITICO — a move that would come as the nation faces growing digital threats from adversaries such as Russia and Iran. John Bolton, Trump’s hawkish new national security adviser, is leading the push to abolish the role of special assistant to the president and cybersecurity coordinator, currently held by the departing Rob Joyce, according to one current and two former U.S. officials with direct knowledge of the discussions.”
Boing Boing: Georgia criminalizes routine security research. “Georgia is a hub for cybersecurity research, with leading university computer science and security programs and a new $35m state cybersecurity research center underway; but the Georgia state legislature just passed SB315, the most onerous prohibition on computer security research ever passed in the USA.”
TechCrunch: New York City is launching public cybersecurity tools to keep residents from getting hacked . “In a week of harrowing city-level cyber attacks, New York is taking some precautions. While the timing is coincidental, New York City Mayor Bill de Blasio just announced that the city will introduce the first tools in its suite of cybersecurity offerings to protect residents against malicious online activity, particularly on mobile devices.”
POGO: A New Tool for Looking at Federal Cybersecurity Spending. “…a new tool from nonpartisan watchdog group Taxpayers for Common Sense provides perhaps the most comprehensive analysis of federal cybersecurity spending. Last week, Taxpayers released a new database and visualization tool that breaks down unclassified federal spending on cybersecurity over the past decade—giving the public a peek at how each major federal agency is devoting resources toward protecting computer systems.”
The National Institute of Standards and Technology (NIST) has released the first draft of a cybersecurity self-assessment tool for enterprises. “The builder tool is intended to help organizations ensure that their cybersecurity systems and processes support the enterprises’ larger organizational activities and functions. ‘These decisions around cybersecurity are going to impact your organization and what it does and how it does it,’ says Robert Fangmeyer, director of the Baldrige Performance Excellence Program. ‘If your cybersecurity operations and approaches aren’t integrated into your larger strategy, aren’t integrated into your workforce development efforts, aren’t integrated into the results of the things you track for your organization and overall performance, then they’re not likely to be effective.'”