NTSC Blog

Weekly News Roundup: September 23, 2019

CISA CYBER SUMMIT

Last week, the 2019 CISA Cybersecurity Summit took place in National Harbor, Maryland, where various keynote speakers and panelists talked about important topics related to national cybersecurity policy.

• CISA Chief Calls on Cybersecurity Community to ‘Stop Selling Fear’: According to NextGov, “During a speech at the agency’s second annual Cybersecurity Summit, Krebs called on industry and government experts to do more to help society grapple with the growing array of digital threats targeting governments, private companies and everyday citizens. Those efforts can take in a wide variety of shapes, he said, from helping more small- and medium-size businesses bolster their networks to supporting cybersecurity education for high school and college students.”
• CISA stepping into cybersecurity coordinator role as agencies improve cyber hygiene: According to the Federal News Network, “Jeanette Manfra, the assistant director for cybersecurity at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, said less time spent enforcing basic cyber hygiene standards allows CISA to play more of a cyber oversight role, providing ‘operational implementation guidance’ of policies and setting standards. Through two of its signature programs – Continuous Diagnostics and Mitigation, and its cyber hygiene program – Manfra said CISA has made it easier for agencies to show tangible progress in meeting their cybersecurity goals.”
• Sen. Warner hits on Huawei at opening of CISA cybersecurity summit's day two: According to Inside Cybersecurity, “Sen. Mark Warner (D-VA) [on Thursday] issued a harsh rebuke of Huawei as an immediate threat to national networks and build-out of a global 5G system, describing the technological challenge as ‘unprecedented’ in terms of lacking a U.S.-based solution. U.S. allies and other countries are asking ‘show me the back door’ in terms of how Huawei components and equipment can be compromised, Warner said, as those nations' leaders push back against U.S. claims about the threat.”
• Government cyber reskilling programs are just getting started, Federal CIO says: According to CyberScoop, “Federal Chief Information Officer Suzette Kent says she expects the government’s Cybersecurity Reskilling Academies to keep expanding over the next few years. As part of the Federal Chief Information Officer Council’s work to bolster the federal cyber workforce, the government has gone through two rounds of academies since last year. The first cohort had over 1,500 applications for just 25 slots. Counting the second round of applications, the academies have had more than 2,300 federal employees apply in all, Kent said at a Department of Homeland Security cybersecurity conference [last] Wednesday.”

Congressional Cybersecurity News Update

Here, we’ve provided a roundup of Congressional cybersecurity news stories from last week.

• Sen. Warner Raises Concerns Over Cybersecurity Practices Leading to Data Breaches: According to Security Magazine, “U.S. Sen. Mark R. Warner (D-VA), Vice Chairman of the Senate Intelligence Committee and former tech entrepreneur, wrote to U.S. Customs and Border Protection (CBP) and South Korean company Suprema HQ, following separate but alarming incidents that impacted both entities and exposed Americans’ personal, permanently identifiable data. In a letter to CBP, Sen. Warner inquired about the information security practices of CBP contractors, in light of a June cyberattack that resulted in the theft of tens of thousands of facial images belonging to U.S. travelers.”
• Lawmakers want to bring back top White House cybersecurity post: According to The Washington Post (courtesy of SFGate), “Just hours after President Donald Trump named former hostage negotiator Robert O'Brien as his new national security adviser, House Homeland Security Committee Chairman Bennie Thompson, D-Miss., and Sen. Mark Warner, D-Va., the top Democrat on the Senate Intelligence Committee, both called on O'Brien to reinstate the White House cybersecurity coordinator role eliminated by O'Brien's predecessor, John Bolton.”
• With 5G in mind, senators plan big boost for Pentagon cybersecurity: According to Roll Call, “Lawmakers are proposing to add more than half a billion dollars to the Pentagon’s 2020 budget for cybersecurity measures, in particular asking the department to include security features enabling its weapons and information systems to safely operate on future 5G worldwide wireless networks. Much of that future infrastructure is being developed by China and could become the global standard.”

National Cyber Security News Update

Here, we’ve provided a roundup of cybersecurity news stories related to national security from last week.

• Treasury sanctions three North Korean cyber groups for targeting critical infrastructure: According to The Hill, “The Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions on [September 13] against three North Korean cyber groups for targeting critical infrastructure. OFAC identified the Lazarus Group and two of its subsidiaries, Bluenoroff and Andariel, as ‘agencies, instrumentalities, or controlled entities of the Government of North Korea,’ noting that all three groups are controlled by RGB, North Korea’s main intelligence bureau.”
• Huawei Users At Risk As U.S. Blacklist Cuts Access To Shared Data On New Cyber Threats: According to Forbes, “Huawei—under heavy fire from the U.S. government over alleged information security issues, has been (temporarily) suspended from the quietly competent global trade body [Forum of Incident Response and Security Teams (FIRST)] responsible for promoting cross-industry information security. As a result, Huawei will be (officially) excluded from shared information on new threats to security platforms and technologies, theoretically slowing down its ability to address or patch those issues for its own products.”
• NIST Proposes PACS Cybersecurity Guidance for Health Providers: According to Health IT Security, “[Last Tuesday, the] NIST National Cybersecurity Center of Excellence released both proposed guidance to help healthcare delivery organizations secure the picture archiving and communication system (PACS) ecosystem and a project to develop an example solution to build stronger security controls.”

Cybersecurity Reports and Surveys Roundup

We’ve rounded up a few of the best cybersecurity reports and surveys released last week:

• DNSSEC fueling new wave of DNS amplification attacks: Reported in Help Net Security, “DNS amplification attacks swelled in the second quarter of this year, with the amplified attacks spiking more than 1,000% compared with Q2 2018, according to Nexusguard.”
• Chubb Survey Finds Disconnect Between U.S. Consumers' Awareness and Actions Toward Cybersecurity: According to a press release, “Chubb's Third Annual Cyber Report, which examined individuals' comprehension of cyber risks and the steps they are taking to protect themselves, [notes that] complacency seems to have taken hold: eight-in-10 Americans continue to be concerned about a cyber breach, yet only 41% use cybersecurity software and 31% regularly change their passwords. These numbers are virtually unchanged from 2018.”
• Threat visibility is imperative, but it’s even more essential to act: Reported in Help Net Security, “Cyberthreats are escalating faster than many organizations can identify, block and mitigate them. Visibility into the expanding threat landscape is imperative, but according to a new threat report released by CenturyLink, it is even more essential to act.”
• Balancing Act: Companies Walking a Fine Line Between Innovation and Cybersecurity, New CompTIA Report Concludes: According to a press release, “The CompTIA study finds that 45 percent of companies are completely satisfied with their current cybersecurity readiness. That's up significantly from the 21 percent of firms that responded that way in 2017, but it leaves more than half of companies still feeling as if they can do more.”
• ControlScan and Cybersecurity Insiders Release New Managed Detection and Response Research Report: According to a press release, “According to the report, more than half (53%) of businesses surveyed are managing their security programs entirely in-house. Of these, 41% said ‘speed of incident response issues’ are a key business challenge. Moreover, this same group of respondents indicated they had not experienced a security incident in the past 12 months (as opposed to 23% for the entire survey sample), and, therefore, were potentially unaware of any past occurrences and/or active security threats.”
• Microsoft: Cyberattacks now the top risk, say businesses: Reported in ZDNet, “In 2017, Marsh and Microsoft found that 62% of respondents saw cyberattacks as a top-five risk, whereas this year 79% do. The share of respondents who see cyber attacks as the number one risk has also risen from 6% to 22% over two years.”
• Federal IT pros optimistic about security, but insider threats remain a challenge: Reported in the Federal News Network, “IT security threats posed by careless or untrained insiders and nation states have risen substantially over the past five years. Sixty-six percent of survey respondents said things have improved or are under control when it comes to malicious threats, but when asked about careless or accidental insiders, that number decreased to 58%.”
• Poll shows senior execs, board members grasp strategic importance of cybersecurity: Reported in Security Boulevard, “Some 83% of respondents said they viewed cybersecurity as critical to their organization, while 66% of the companies reported having implemented a well-defined cybersecurity strategy. […] 60% of C-level executives and 48% of board members indicated they actively participated in formulating cybersecurity strategy.”

Cybersecurity Acquisitions

Two major cybersecurity company acquisitions were reported last week:

• HP Inc. Announces Acquisition of Bromium: According to a press release, HP Inc. announced the acquisition of Bromium, an end point security start-up, on September 19. Bromium protects enterprises by using virtualization-based security to isolate browser-based attacks, malicious downloads, email attachments and other applications in unique, hardware-enforced micro-virtual machines. HP currently licenses the Bromium technology and leverages it for its Sure Click solution. Bromium will become part of HP’s broader platform to secure end-point devices.
• Etisalat Agrees to Acquire Help AG: According to a press release, Etisalat Group (a $52 billion telecom company based in the United Arab Emirates) has entered into a definitive agreement with the shareholders of Help AG to acquire a 100% stake in Help AG. Help AG provides tailored cybersecurity solutions and services in the Middle East. Help AG will continue to operate as a separate legal entity under Etisalat Digital.