NTSC Blog

Weekly News Roundup: February 24, 2020

Legislative Cybersecurity News Update

Here, we’ve provided a roundup of cybersecurity legislation news stories from last week.

• House Energy and Commerce panel seeks feedback on autonomous vehicle legislation: According to Inside Cybersecurity, “The House Energy and Commerce Committee wants stakeholder feedback […] on draft bill language that would direct the Transportation Department to craft and enforce cybersecurity regulations for autonomous vehicles. The cybersecurity section of the draft bill mandates that each manufacturer ‘has developed, maintains and executes cybersecurity practices and processes to minimize cybersecurity risks to motor vehicle safety.’”
• Privacy Bill Clears Washington State Senate: According to MediaPost, “The Washington State Senate has passed a privacy bill that would give state residents new rights over data collection and use, including the right to opt out of targeted advertising. The Washington Privacy Act, which cleared the Senate 46-1 [February 14], now moves to the House where its future is uncertain.”

National Cyber Security News Update

Here, we’ve provided a roundup of cybersecurity news stories related to national security from last week.

• CISA Shares Details About Ransomware that Shut Down Pipeline Operator: According to NextGov, “The Cybersecurity and Infrastructure Security Agency released details about a ransomware attack on an undisclosed natural gas compression facility that decided to deliberately shut down for two days in order to ensure control of operations. ‘Although they considered a range of physical emergency scenarios, the victim’s emergency response plan did not specifically consider the risk posed by cyberattacks,’ CISA said in an alert [last] Tuesday. ‘The victim cited gaps in cybersecurity knowledge and the wide range of possible scenarios as reasons for failing to adequately incorporate cybersecurity into emergency response planning.’”
• US Cyber Command, DHS, and FBI expose new North Korean malware: According to ZDNet, “US Cyber Command, the Department of Homeland Security, and the Federal Bureau of Investigation have exposed [on February 14] a new North Korean hacking operation. Authorities have published security advisories detailing six new malware families that are currently being used by North Korean hackers. According to the Twitter account of the Cyber National Mission Force (CNMF), a subordinate unit of US Cyber Command, the malware is being distributed via a North Korean phishing campaign.”
• Report: FedRAMP needs to evolve to embrace artificial intelligence, IoT solutions: According to Inside Cybersecurity, “A report from a nonprofit cybersecurity coalition urges the General Services Administration to update the design of FedRAMP – the Federal Risk and Authorization Management Program – to address the growth of emerging technologies such as artificial intelligence and Internet of Things. ‘While well-intended and partially successful, FedRAMP’s design is no longer optimized for modern security solutions,’ says the Center for Cybersecurity Policy and Law report released [last] Friday.”

Cybersecurity Reports and Surveys Roundup

We’ve rounded up a few of the best cybersecurity reports and surveys released last week:

• Hacking victims are uncovering cyberattacks faster - and GDPR is the reason why: Reported in ZDNet, “The amount of time hackers spend inside the networks of compromised organizations before being uncovered has massively declined across Europe -- and GDPR is a key reason for the drop. Analysis of cyberattacks by researchers at cybersecurity company FireEye reveals that the median dwell time from the start of an intrusion to it being identified has fallen from 177 days last year to 54 days now -- a 70% decrease.”
• Oil Industry Boosts Spending on Cybersecurity Five-Fold Since 2017: Reported in Security Boulevard, “The Oil & Gas sector is investing aggressively in digital as the energy transition progresses and firms move to sustainable business models. That includes heavy investments in cybersecurity, an ongoing trend in an industry bent on protecting assets and reputations. In a global survey of 255 industry professionals, including C-suite executives, functional leaders and engineers, cybersecurity emerged as companies’ top investment focus, and the technology driving the greatest impact on business performance. The survey was conducted in early 2019 but the results were only published this month. Accenture asked respondents which digital technologies their organizations are investing in today. Cybersecurity was cited more than any other, by 61% of respondents. Only 12% offered the same answer in 2017.”
• Number of patient records breached nearly triples in 2019: Reported in Fierce Healthcare, “Over 41 million patient records were breached in 2019, with a single hacking incident affecting close to 21 million records. Healthcare data breaches in 2019 almost tripled those the healthcare industry experienced in 2018 when 15 million patient records were affected by breach incidents, according to a report from Protenus and DataBreaches.net.”
• Businesses consider cybersecurity as an afterthought despite growth in attacks, EY survey finds: According to a press release, “Despite the overall growth in cyberattacks, only one-third of organizations say the cybersecurity function is involved at the planning stage of a new business initiative, according to the EY Global Information Security Survey (GISS). This year's GISS, which surveyed almost 1,300 cybersecurity leaders at organizations worldwide, showed that almost 60% of organizations have faced an increased number of disruptive attacks in the past 12 months.”
• New Study Suggests Security Automation Will Cause Dramatic Improvements, but Also Substantial Cybersecurity Workforce Reductions: Reported in CPO Magazine, “51% of the respondents now expect that automation will reduce their cybersecurity workforce, an increase of 30% from the previous year, and only 13% felt that automation would have no impact at all on their hiring. However, 68% report that human involvement in IT security is still important and only 24% feel that automation will reduce the need for skilled security personnel. And 74% responded that they believe there are IT security tasks that can never be automated, a number that is actually up 6% from the previous year. Similarly, the number of respondents that believe there are threats that AI will never be able to deal with increased from 35% to 45% in this survey.”
• Businesses assaulted by hundreds of new malware strains: Reported in ITProPortal, “[A new report by cybersecurity firm FireEye] states that of all the malware families observed in 2019, almost half (41 percent) were completely new. Of the recognized strains, 70 percent belonged to one of the five most popular malware families. According to FireEye, this indicates cybercriminals are innovating at pace, and are also outsourcing tasks to monetize their operations faster.”
• Ransomware Damage Hit $11.5B in 2019: Reported in Dark Reading, “According to [a] report from Deep Instinct, ransomware attacks became more focused in 2019, going after organizations rather than individuals. Drawn from a variety of external sources along with Deep Instinct's own network intelligence, the report contains device-specific analysis along with market-wide statistics like the $11.5 billion number it cites from Cybersecurity Ventures.”
• Cloud misconfigurations surge, organizations need continuous controls: Reported in Help Net Security, “Nearly 33.4 billion records were exposed in breaches due to cloud misconfigurations in 2018 and 2019, amounting to nearly $5 trillion in costs to enterprises globally, according to DivvyCloud research.”
• Two-Thirds of CISOs Struggling with Skills Shortages: Reported in Infosecurity Magazine, “Two-thirds (66%) of global CISOs say they are struggling to recruit the right talent and a similar number believe shortages will only get worse, according to a new study from Marlin Hawk.”
• 16 DDoS attacks take place every 60 seconds, rates reach 622 Gbps: Reported in ZDNet, “Netscout's research, made public [last] Tuesday, says that there has been an increase of 87% in exploit attempts between the second half of 2018 and 2019. In addition, DDoS attack frequency worldwide has increased by 16%, with 16 DDoS attempts taking place every minute.”
• Container Security Concerns Impacting Deployments: Reported in Container Journal, “A survey of 540 IT and security professionals conducted by 451 Research on behalf of StackRox, a provider of a container security platform, finds nearly half the respondents (44%) admit to delaying or halting the deployment of a containerized application in a production environment because of cybersecurity concerns.”
• BullGuard: New Study Reveals One in Three SMBs Use Free Consumer Cybersecurity and One in Five Use No Endpoint Security at All: According to a press release, “One-third of companies with 50 or fewer employees report using free, consumer-grade cybersecurity, and one in five companies use no endpoint security whatsoever. Additionally, the study found 43% of SMB owners have no cybersecurity defense plan in place at all – leaving their most sensitive financial, customer and business data, and ultimately their companies, at significant risk.”
• 84% of Employers Find Cybersecurity Certifications That Align with Military Job Roles as the Gold Standard for Hiring: According to the EC-Council, “Of the 256 IT employers who were polled, 86% said that industry certifications aligned to cyber-affiliated U.S. military job roles and occupations play an important role when hiring candidates. In fact, almost half (48%) agreed they are either very important or absolutely essential and 84% consider them to be the ‘gold standard’ when hiring.”

Dell Technologies to Sell RSA to Consortium for $2.08 Billion

According to a press release, “A consortium led by Symphony Technology Group (STG), Ontario Teachers’ Pension Plan Board (Ontario Teachers’) and AlpInvest Partners (AlpInvest) has entered into a definitive agreement with Dell Technologies (NYSE: DELL) to acquire RSA in an all-cash transaction for $2.075 billion, subject to certain adjustments. The transaction, which includes the purchase of RSA Archer, RSA NetWitness Platform, RSA SecurID, RSA Fraud and Risk Intelligence and RSA Conference, is expected to close in the next six to nine months. Terms of the agreement were not disclosed.”