NTSC Technology Security Roundup

Weekly News Roundup: April 8, 2019

DHS Secretary Kirstjen Nielsen Resigns

On Sunday, DHS Secretary Kirstjen Nielsen submitted her resignation letter to President Trump and her resignation will take effect on April 10. Serving in this role since December 6, 2017, Secretary Nielsen oversaw several important initiatives related to national cybersecurity policy including an evolved DHS cybersecurity strategy, the creation of the National Risk Management Center, the creation of the Information and Communications Technology (ICT) Supply Chain Task Force, the elevation of the National Protection and Programs Directorate (NPPD) to the Cybersecurity and Infrastructure Security Agency (CISA), and improvements related to the sharing of threat indicators with the private sector. According to The Hill, “Her departure will be viewed as a blow to DHS's cyber policies and operations, which she often championed and publicly discussed.”

States May Be Ready to Pass Wave of Data Security Laws for Insurance Industry

So far, Ohio, South Carolina, and Michigan have passed data security legislation modeled on the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. Many experts believe this is only the beginning. According to Bloomberg Law, “Mississippi’s governor approved a measure April 3, and Connecticut, New Hampshire and two other states have bills moving in their legislatures. The states largely are using a 2017 model law by the National Association of Insurance Commissioners, which draws from the New York Department of Financial Services’ cybersecurity regulation for the financial services industry. […] More states are expected to adopt similar, but likely not uniform, versions of the model law in the next few years, data security and insurance professionals said. […] The model and state versions generally require covered entities to have written information security programs, complete risk assessments, and maintain incidence response plans, among other provisions.”

Demands of Cybersecurity Duties Stretching FBI Time and Money Thin

As cybersecurity concerns take up more of the FBI’s day-to-day activities, fulfilling its cyber law enforcement duties grows more difficult. FBI Director Christopher Wray presented this scenario to Congress last Thursday and asked for more resources to help protect cyberspace for both the government and private sector. According to FCW, “The bureau is requesting an additional $70.5 million to enhance information-sharing abilities and augment its current cyber tools and capacities, as well as add 33 positions. That's on top of its current funding of $452 million in salaries and expenses on 1,981 employees for cyber-related investigations, according to its latest budget request. Wray said 25 new positions would be primarily dedicated to data analysis, a growing need as criminal investigations in nearly every arena increasingly come with significant cyber or digital evidence components. The sheer amount of data the bureau must ingest, process and analyze has greatly accelerated over the past few years, and Wray indicated those trends will only continue upward in the future.”

Women Now Make Up About a Quarter of the Cybersecurity Workforce

In some good news for cybersecurity diversity, women’s participation in the cybersecurity workforce continues to increase. According to a press release, (ISC)²’s 2019 Women in Cybersecurity report reveals that women now represent 24% of the cybersecurity workforce. (ISC)² notes that its past research had estimated the percentage of women working in cybersecurity at 11%, but with a change to research methodology – including surveying IT/ICT professionals who spend at least 25% of their time on cybersecurity responsibilities – 24% of study participants were women. The report also found that although men still outnumber women in cybersecurity by about three to one overall, women in the field are advancing to leadership positions. According to survey respondents, higher percentages of women than men are attaining senior leadership and decision-making positions.

Carbon Black Research Details Notable Rise in Island Hopping and Counter Incident Response (IR) Behaviors

According to a press release, Carbon Black recently announced the release of its latest Global Incident Response Threat Report, aggregating key findings from IR partner investigations during the last 90 days. Among the key findings from the report:

  • Half of today’s surveyed attacks leverage “island hopping,” the report noted, meaning attackers are not only after a network, but supply chains as well.
  • More than half of survey respondents (56%) encountered instances of counter-incident response in the past 90 days.
  • 70% of all attacks now involve attempts at lateral movement, according to the survey results, as attackers take advantage of new vulnerabilities and native operating system tools to move around a network.
  • Nearly a third (31%) of targeted victims now experience destructive attacks, the survey noted — an alarming byproduct of attackers gaining better and more prolonged access to targets’ environments.

According to the survey results, the financial and healthcare industries remain most vulnerable to destructive attacks, but the threat to manufacturing companies has grown significantly. In the past 90 days, nearly 70% of all respondents saw attacks on the financial industry, followed by healthcare (61%) and manufacturing (59%, up from 41% in the previous report).