The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.

RECENT HEADLINES:

Cloud Computing:

RSA Conference: SIEM is effectively dead as Big Data dominates businesses - SC Magazine

Security Incident and Event Management (SIEM) technology yeilding in importance to intelligence-driven security

Critical Infrastructure:

Executive Order – Improving Critical Infrastructure Cybersecurity - The White House

12 February EO to provide Cybersecurity for Critical Infrastructure

Improving Critical Infrastructure Cybersecurity - The White House

12 February EO to provide Cybersecurity for Critical Infrastructure.

Cyberwarfare:

NATO, European governments, hit by “MiniDuke” cyber attack - Reuters

CrySyS of Hungary claims attack is of "nation-state" origin, used Adobe vulnerability

China says US-based Hackers Target its Military Websites, Amid Competing Cybersnooping Claims - Yahoo!

Official response to Mandiant did not take long.

NATO, European Governments, hit by “MiniDuke” Cyberattack - Reuters

CrySyS of Hungary claims attack is of "nation-state" origin, used Adobe vulnerability

Data Security:

Why the Security of USB Is Fundamentally Broken - Wired

Security problems with USB devices run deeper than you think: Their risk isn't just in what they carry, it's built into the core of how they work.

Evernote Hack Exposes User Data, Forces Extensive Password Resets - Wired

50 MILLION accounts compromised in a similar manner to "the many high profile attacks on other Internet-based companies that have taken place over the last several weeks"

Bradley Manning pleads guilty to 10 lesser charges, explains motive - Washington Post

Insider Threat: You can still exfiltrate a lot of classified data on a CD.

Mobile Security:

DoD’s Commercial Mobile Device Implementation Plan - doncio.navy

Recognizing increasing end-user dependence on mobile devices, the Defense Department released a comprehensive enterprise management plan in February to ensure secure mobile device operation and maintenance in a cost efficient manner.

Network Security:

Businesses deluded about threat of cyber attack - CBS

Deloitte Cyber Security Survey of 121 companies finds 88 percent of executives think companies not vulnerable to attack

Exclusive: Cyberattack leaves natural gas pipelines vulnerable to sabotage - Christian Science Monitor

Network Insecurity enables Critical Infrastructure SCADA Vulnerability
Tags: Critical Infrastructure Protection (CIP)

TECHNICAL RESOURCES, POLICY & GUIDANCE:

Trustworthy CyberSpace: Strategic Plan For The Federal Cybersecurity Research and Development Program - NITRD

Committee on National Security Systems (CNSS) - Committee on National Security Systems

The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.