Public Group
active 12 hours, 34 minutes ago
Enhance cybersecurity awareness and survivability for DoD, industry partners, and academia in the face of the ever-increasing threat of cyber attacks. Cybersecurity (CS) includes managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes, including analog and physical form. CS includes information availability, identification and authentication, confidentiality, integrity, and non-repudiation as well as the economic considerations with respect to selection of CS techniques, CS processes, and industry trends.
Group Admins
-
The National Institute of Standards and Technology (NIST) has released the Final Draft of Special Publication 800-171A for public comment. This document, entitled Assessing Security Requirements for Controlled Unclassified Information, was designed to assist groups in preparing assessments of the NIST SP 800-171 (CUI) security requirements. https://csrc.nist.gov/News/2018/NIST-Releases-Final-Draft-SP-800-171A
-
This is an update to Special Publication 800-171, Revision1, Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations. https://csrc.nist.gov/News/2018/NIST-Releases-Second-Errata-Update-for-SP-800-171
-
Vulnerabilities in SS7 Telecommunication Network Subscriber privacy violation Real-time call interception and SMS Billing fraud Manipulate Network Settings Denial of Service SS7 Vulnerability Assessment and Penetration Testing
-
Future of Cyber Security - Artificail Intelligence(AI)/Machine Learning(ML) will take a major role in Cyber Security. Read the latest blog on future of cybersecurity
-
Cybersecurity solutions for critical energy infrastructure are imperative and they must be carefully engineered to develop reliable systems. Cybersecurity for the modernized power grid is bringing together two different communities: Information technology (IT) and Operational technology (OT). The IT and OT environments differ in important ways but each has benefits that can be gained from… -
In this episode of the CSIAC Podcast, Sean Bird talks with James Rice a Cybersecurity Instructor at Mohawk Valley Community College (MVCC) and the Lead Instructor for the GenCyber cybersecurity summer camp at MVCC. -
Colleagues, Chinese researchers at Qihoo 360 have discovered an RCE (remote code execution) vulnerability in Blockchain EOS when using smart contracts. This bug potentially allows hackers to take complete control over node servers. Commonly referred to as Blockchain 3.0, EOS is an open source platform smart contracts. The RCE flaw is considered by some to…
-
Colleagues, Amazon Cognito can provide authentication, authorization, and user management for AWS users of mobile apps. This process involves a better understanding of federated authentication mechanism, a simplified credential management for teams who already have Google accounts, Customize authentication mechanisms at very low maintenance costs while serving as a good alternative to deploying and configuring…
-
Colleagues, EuroPay, MasterCard and Visa (aka “EMV”) along with their customers continue to reap the security benefits of the dynamic cryptogram embedded in their credit cards. The EMV Coonection reports “The creation of dynamic cryptograms for every transaction with online authentication is an important feature of chip cards that provide enhanced levels of security.” The…
-
Hi, My name is Pradip Lamsal, and originally I am from Nepal (Small country between China and India). I came here in the United State in 2016 May to complete my graduate program as International Student visa. Now, I am going to complete my study in August 2018. My course is Information Technology concentration in…
-
Colleagues, the US FBI and DHS along with the UK’s National Cyber Security Center jointly warned that hackers working on behalf of the Russian government are compromising large numbers of routers, switches, and other network devices . Code-named VPNFilter, this malware has primarily targeted some 500,000 consumer and small business router worldwide … yet with…
-
In the past five years alone, the amount of mobile data has grown eighteen fold (Cisco Mobile VNI, 2017). Security concerns are at the forefront due to the reliance on mobile devices for both business and personal use, along with the ever-increasing data usage. There are two concepts of mobile security; physical and data. Physical… -
As most companies over the recent years have adopted the SAAS approach. How do you think this can impact the companies cyber security posture in general? In my experience I have noted many clients tend to relax instead of being vigilant instead they get attacked on very fundamental vulnerabilities that could easily be avoided. Let…
-
Anyone doing anything involving creating / educating / developing managers specifically for the cybersecurity industry? Or just promoting technologists into management positions for which they have neither training nor experience? Thank you in advance for any info. Rick
-
I’ve learned about hacks to Telco’s business-critical systems that result in financial loss or data leaks. But is there a way to hack a telco’s mission-critical systems that may result in the complete disruption to provide communication services?
-
If and when you have information and visibility of a possible Cyberattacks on your business or nation and to protect that if you launch a Cyberattack against that possible actor to stop that Cyberattack, will you call that Cyberattack or Cyberdefence?
-
Today’s modern societies rely on highly complex networks of ‘critical infrastructure’ to provide supplies and services. These include (but are not limited to) information technology, telecommunication, transport and healthcare – all fuelled by electricity. What makes these technologies increasingly efficient is their increased interoperability – powered by digitalization. And we are just at the early…
-
CSIAC SME and member of the American Bar Association's Information Security Committee, Richard "Rick" Aldrich, gives a snapshot of the recent developments in cyberlaw, policy, standards, court cases and industry legal frameworks. These slides focus on emerging issues such as cloud data storage, the scope of 3rd-party doctrine, encryption, warrants for electronic searches, and artificial…
-
This update to NIST Special Publication 800-37 (Revision 2) responds to the call by the Defense Science Board, Executive Order 13800, and OMB Memorandum M-17-25 to develop the next-generation Risk Management Framework (RMF) for information systems, organizations, and individuals. There are seven major objectives for this update: Provide closer linkage and communication between the risk…
-
Abstract: In recent years, there has been a substantial amount of research on quantum computers – machines that exploit quantum mechanical phenomena to solve mathematical problems that are difficult or intractable for conventional computers. If large-scale quantum computers are ever built, they will be able to break many of the public-key cryptosystems currently in use.…
- Load More
