The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.
Intel CEO Talks Cloud and Internet of Things Strategy - Top Tech News
CEO Brian Krzanich outlined a set of core beliefs yesterday guiding the company's strategy for the future -- chief among them that the cloud is the single most important trend influencing the future of computing.
The potential dangers of USB sticks when it comes to transporting computer viruses are well known, but even workers in highly sensitive environments like nuclear facilities can't always seem to prevent themselves from exposing their PCs to malware.
Strong dependence on industrial control systems, or ICS, is a serious vulnerability for industry, the National Security Agency’s deputy director said here yesterday.
"Ransomware" has turned into a lucrative business for scammers, but it could jump from a troubling annoyance to life-threatening attacks.
The Bangladesh Bank's internal network security was sorely lacking.
Data security: Rethinking The Perimeter - IT Pro Portal
Business computing is happening everywhere, at our desks, at home, on mobile devices, in watches and cars, and work is transforming rapidly because of it.
The report found that human error is still a common source of breaches.
MasterCard plans to introduce a new "selfie pay" security system in more than a dozen countries this summer.
Cambridge Health Alliance is one of many hospitals that has embraced health-care technology to improve patient care. Still, for doctors and nurses in this hospital network outside Boston, worrying about security when they input data into the system's computers requires a balancing act.
Two House Energy and Commerce Committee members on Tuesday introduced a bill intended to improve cybersecurity at the Department of Health and Human Services (HHS).
FBI Won’t Reveal Vulnerability That Unlocked iPhone - Newsfactor
Although the White House has a policy to disclose some cyber vulnerabilities discovered by government agencies, the Federal Bureau of Investigation has indicated it will not reveal details about the security flaw that enabled it to unlock an iPhone connected to its investigation of a mass shooting in San Bernardino, Calif., in December.
Mobile, IoT Yet To Become Data Breach Targets - Business Insider
Mobile and IoT devices are still not a factor in real-world data attacks, according to Verizon’s 2016 Data Breach Investigation.
Headaches Likely to Grow Over Auto Cybersecurity Concerns - Network World
The concerns around the cybersecurity of your car are likely magnify in the near term while experts try to figure out what can be done simply to eliminate risks.
Quantum computers have been hailed for their revolutionary potential in everything from space exploration to cancer treatment, so it might not come as a surprise that Europe is betting big on the ultra-powerful machines.
Our increasingly connected world is more and more at risk from software vulnerabilities and security flaws. The new security testing paradigm developed in the DIAMONDS project resulted in several European SMEs bringing new products and services into this fast-growing market, and continues to influence international standards.
The U.S. should embrace cybersecurity treaties, a former State Department official says.
FBI Warns of Cyber Threat to Electric Grid - Fox News
Three months after a Department of Homeland Security intelligence report downplayed the threat of a cyber attack against the U.S. electrical grid, DHS and the FBI began a nationwide program warning of the dangers faced by U.S. utilities from damaging cyber attacks like the recent hacking against Ukraine’s power grid.
Security pros consider the NIST framework an industry best practice, yet half of its adopters say its complete implementation involves a high level of investment.
Cyber Security of Critical Infrastructure - Department of Homeland Security
CSIAC serves on the EO 13636/PPD-21 Research & Development (R&D) Working Group (WG) run by DHS S&T. If you would like further information, contact Dr. Paul Losiewicz at email@example.com
The Cyber COI engages in multiple activities and forums for coordinating cyber S&T strategies, sharing innovative ideas and technical approaches, promoting technology transfer and upcoming business opportunities, and in jointly planning programs across the Department of Defense and other government agencies. Membership is based upon approval by the Cyber COI group administrator.
DOD OSBP officials acknowledged that cybersecurity is an important and timely issue for small businesses -and therefore the office is considering incorporating cybersecurity into its existing outreach and education efforts. During the review, GAO identified 15 existing federal cybersecurity resources that DOD OSBP could disseminate to defense small businesses.
DHS S&T Collaboration Community - Ideascale
The National Conversation is intended to bring together everyone to play a role in shaping the future of homeland security technology. This means responders, operational users, citizens, academia, and industry.
The Department of Defense Cyber Strategy - Department of Defense
The purpose of this strategy is to guide the development of DoD's cyber forces and strengthen our cyber defense and cyber deterrence posture. It focuses on building cyber capabilities and organizations for DoD's three primary cyber missions.
The Information Sharing Environment (ISE) broadly refers to the people, projects, systems, and agencies that enable responsible information sharing for national security.
Standards & Reference Documents - CSIAC
View all Best Practices and Reference Documents on the CSIAC website.
DoD Cyber Domain Resources - Department of Defense
DHS Cyber Security Strategy (“Blueprint for a Secure Cyber Future”, 2011) - Department of Homeland Defense
DIB CS/IA Voluntary Information Sharing Program - DoD DIBNet
DoD's DIB CS/IA program is a voluntary program to enhance and supplement DIB participants' capabilities to safeguard DoD information that resides on, or transits, DIB unclassified information systems.
US-CERT Bulletins - Department of Homeland Security
Bulletins provide weekly summaries of new vulnerabilities. Patch information is provided when available.
US-CERT Alerts - Department of Homeland Security
Alerts provide timely information about current security issues, vulnerabilities, and exploits.
NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. NVD includes databases of security checklists, security related software flaws, misconfigurations, product names, and impact metrics.
Trustworthy CyberSpace: Strategic Plan For The Federal Cybersecurity Research and Development Program - NITRD
Committee on National Security Systems (CNSS) - Committee on National Security Systems
The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.