#nationalcybersecuritymonth

#nationalcybersecuritymonth | Moody’s, Nasdaq and many others choosing Lithuania for cyber security GBS functions

Source: National Cyber Security – Produced By Gregory Evans

The following article by Invest Lithuania’s Senior Investment Advisor Monika Vilkelytė first appeared in the Outsourcing&More magazine. You can find the original here.

Assigning cyber security operations to GBS centres is a smart move for international companies. But finding the right location for such a centre can be a serious headache. Suitable locations need to have both fast, secure IT infrastructure and a strong pool (and future pipeline) of IT talent. Affordable locations offering this combination are few and far between. That’s why Lithuania, which is ranked 4th globally in the Cyber Security Index, is proving so attractive to global company groups in terms of cyber security operations. The likes of Oracle, Nasdaq and Outokumpu already have cyber security teams in Lithuania, while Moody’s is on the way to building its cyber security capabilities in Vilnius. With a strong pipeline of talent and a clearly defined National Cyber Security Strategy, there’s plenty of room for future growth.

The ever-changing face of cyber security

The number of cyber attacks made against organizations around the world is increasing every year. Worse still, the complexity and severity of these attacks is also growing, as criminals search for ever-more sophisticated ways to break through a company’s cyber defences. With huge amounts of both company and customer data in their systems, and processes that are more deeply interconnected than ever, a major cyber attack could have catastrophic consequences.

GBS and cyber security – a smart combination

To face this ever-changing threat, companies need to be innovative and responsive, constantly updating their cyber defences to meet the latest dangers. Increasingly, global companies are using the GBS model as the most effective way to manage their cyber security operations. By centralizing the cyber security team in one location, it becomes easier to adopt new, innovative solutions. These teams are also more effective at focusing a company's limited time and resources on mission-critical cyber services.

Finding a home for your cyber security team

Finding the right model for managing cyber security (a GBS approach) is an important first step, but executing this model well is just as important. And one of the critical decisions a company has to make is where to locate the GBS centre that manages their cyber security.

Two features characterise the ideal location for a cyber security team. The location needs to have fast, well-developed and robust IT infrastructure. It also needs a wealth of IT talent from which to build a team of experts capable of responding to the latest threats.

Finding this combination is already a tall order, without even factoring in cost. This is not an area of operations where you want to cut corners, so low cost locations that don’t offer the quality needed are out of the question. On the other hand, building a team of high quality IT experts is prohibitively expensive in many cities and countries.

Lithuania offers quality infrastructure and talent

Lithuania offers the IT infrastructure and talent businesses need for cyber security, and at competitive costs compared to other EU locations.

Ranked 4th in the Global Cyber Security index, Lithuania’s IT infrastructure is well suited to cyber security operations. It is robust, with a strong focus at the executive level on cyber readiness and resilience. In 2017 Lithuania established a National Cyber Security Centre, and the following year a National Cyber Security Strategy was approved. This strategy covers not only the government, but also a wide range of non-governmental organizations, private sector players, and scientific and educational institutions. This means the whole ecosystem is building resilience, as shown by the introduction of advanced warning systems at critical infrastructure facilities last year.

In terms of talent, there are currently 38,000 IT professionals in Lithuania, with a further 10,600 students enrolled in IT studies. Funding for IT studies was recently doubled, ensuring further growth in the flow of IT talent. The government has also invested in an upskilling project focused on key areas including cyber security and AI, with the aim of adding new specialists to the market. Universities in Lithuania’s two largest cities, Vilnius and Kaunas, offer dedicated programmes for cyber security specialists, including MScs in Information and Information Technology Security, a BSc programme in Information Systems and Cyber Security and an MSc in Cybersecurity Management.

This means the level of quality, in terms of both talent and infrastructure, is comparable to other leading EU destinations. But, unlike those locations, Lithuania is a far more cost-competitive option.

Cost advantages to help you build the right team

Junior IT staff such as database administrators or Unix/Linux administrators can be hired for around €2,000 per month, including taxes. The average salary for a senior QA specialist with 5 years' experience is €2,700 tax inclusive, while a senior cyber security specialist with 5 years' experience earns €3,360. This means assembling a skilled cyber security team which includes highly experienced professionals is affordable and sustainable in Lithuania.

What’s more, Lithuania has the 3rd most affordable internet rates in Europe, and office rental costs are also highly competitive. As a result, overheads for GBS centres are also low in comparison with other EU locations.

Nasdaq, Moody’s, Oracle and more

These strong fundamentals have attracted some of the world's largest companies to set up cyber security teams in Lithuania. Moody's established a GBS centre in Vilnius in early 2019 which is planned to include an advanced cyber security unit. In fact, the availability of talent in this area was one of the major reasons Moody's chose Lithuania, as Duncan Neilson, SVP HR Regional Lead EMEA, explained when the centre was announced: "Given our goals of hiring diverse talent and further developing our automation and cyber security capabilities, choosing Lithuania as our newest EU location makes good business sense."

Nasdaq also operates an IT centre in Vilnius. This centre has been developing constantly since its establishment in 2015 – it grew from 30 to 300 FTEs in 3 years – and includes a cyber security team. On a visit to Lithuania, Nasdaq’s CEO and president Adena Friedman noted the strength of the IT talent available. “This place has a great talent pool,” she commented. “At first we thought Lithuania was a centre of low cost, but today Vilnius is a centre of professionalism for us. This city is going to be an ever more important player for us.”

Overall, almost 10% of the GBS centres in Lithuania perform cyber security functions. This includes GBS centres of companies such as Danske Bank, DXC Technology, Outokumpu, Devbridge Group, TransUnion and many more. And the number is growing all the time.

Cyber security products developed in Lithuania

Lithuanian cyber security teams are adept at product development as well. Oracle runs an office of 50 specialists in Kaunas who develop a range of products, including web application firewalls, and advanced API, DDoS, and cloud-based malware protection. According to Leon Kuperman, Vice President of the company’s software development division Oracle Dyn, the Kaunas team will be further expanded: “We are planning significant growth in the region, so we may need to move to a bigger office.”

TransUnion has a special team of Lithuanian cyber security specialists who continuously monitor the online security of more than 1,200 company employees and the information systems of TransUnion's corporate customers worldwide. "The platform monitoring teams who are working on cyber security are the only TransUnion UK teams that operate 24/7, ensuring the uninterrupted and stable operation of all systems," says Jonas Lukošius, Manager of TransUnion's Kaunas office.

There are a number of other cyber security development teams operating in the Kaunas-Vilnius hub. NRD Cyber Security focuses on offering protection for public service providers, law enforcement, critical infrastructure and more, while US-based Arxan offers guarding solutions injected directly into its clients’ binary code. “We currently have offices in the US, the UK, and Japan,” says Andrew Whaley, Arxan’s SVP Head of Engineering. “In the near future, Vilnius has the potential to become our largest software development office.” Then there is CUJO AI, a Lithuanian tech company that develops AI-based online security solutions.

More talent and expertise

This developed ecosystem, combined with the range of cyber security training opportunities offered by local universities, means there is plenty of know-how and experience on offer in Lithuania. Existing players are actively involved in training up new talent – Moody’s cooperates with ISM business school, Oracle offers its own multi-level training programme, and Danske Bank offers flexible arrangements to students so they can begin working while they complete their studies.

Therefore, as the sector matures, an even deeper pool of expertise in cyber security will be available to companies looking to establish GBS centres in Lithuania.

The original article can be found here.


The post #nationalcybersecuritymonth | Moody’s, Nasdaq and many others choosing Lithuania for cyber security GBS functions appeared first on National Cyber Security.

View full post on National Cyber Security

#nationalcybersecuritymonth | Opportunistic scammers are preying on coronavirus fears, warn West Yorkshire Police


Numerous scams have emerged as criminals seek to take advantage of concerns ranging from how to reclaim money lost on holidays to financial support when schools close.

West Yorkshire Police, Action Fraud and others have been using their own social media channels to raise awareness of the tactics being used.

Ramona Senior, the head of West Yorkshire’s Economic Crime Unit, said her team was anticipating an influx in reports of such scams as fraudsters were very good at “diversifying”.

Image: West Yorkshire Police are warning people about coronavirus scams (Copyright: jpimedia)

Investigators typically see seasonal scams tied into things like Christmas shopping, Hajj pilgrimages or HMRC tax return deadlines.

Ticket scams linked to big events like music festivals are another example of how the criminals will seek to exploit people using whatever is topical.

Ms Senior said fraudsters will also look at big talking points in the news like last year’s collapse of Thomas Cook, using emails, text messages and cold calling to try to lure in potential victims.

“They make up all sorts of things that sound legitimate at the time,” she said. “Everything that’s in the public eye, a news report about something that creates anxiety or people may lose money and want to protect themselves, is a bit of an opportunity for the fraudsters.”

The force’s Cybercrime Team has warned in recent days about the risk of downloading apps claiming to provide information on the spread of the virus, which are being used as a way to get malware onto people’s phones.

It also shared an image of a malicious website which is luring in people searching for coronavirus maps. Visiting the website infects the user’s phone or computer with malware, steals information and accesses sensitive data.

And within days of the news that the UK’s schools would be closing to everyone but the children of key workers, another scam has emerged.

One such email containing fake links and promising funding for families says that if your child’s school is closed and they are entitled to free school meals, then you should click on the link to send your bank details to the school.

Industry body UK Finance advised earlier this week that criminals were using publicity around coronavirus to “pose as genuine organisations, including banks, police officers, government, the World Health Organisation or other health service providers”.

Katy Worobec, managing director of economic crime at UK Finance, said: “We would urge the public to be vigilant against criminals using the publicity around the coronavirus as a chance to target their victims with fraudulent emails, phone calls, text messages or social media posts”.

The organisation said criminals have used coronavirus as a cover story to attempt to get victims to “disclose personal or financial information or click on links that may contain malware”.

Take Five, the national campaign led by UK Finance and others, is also advising people unable to take planned holidays to be wary as criminals may pose as travel companies or airlines.

It has urged anyone in that situation to contact the organisation they made their booking with directly to enquire about refunds.

Meanwhile, experts from the National Cyber Security Centre (NCSC) have revealed a range of attacks being perpetrated online as cyber criminals seek to exploit coronavirus, known officially as Covid-19.

Techniques seen since the start of the year include bogus ‘phishing’ emails with links claiming to have important updates, which once clicked on lead to devices being infected.


Created as part of GCHQ to keep the UK safe online, the NCSC has taken measures to automatically discover and remove malicious sites which serve phishing and malware. These sites use Covid-19 and coronavirus as a lure to make victims 'click the link'.

Director of operations Paul Chichester said: “We know that cyber criminals are opportunistic and will look to exploit people’s fears, and this has undoubtedly been the case with the coronavirus outbreak.

“Our advice to the public is to follow our guidance, which includes everything from password advice to spotting suspect emails.

“In the event that someone does fall victim to a phishing attempt, they should look to report this to Action Fraud as soon as possible.”

Last month, the World Health Organisation (WHO) warned of fraudulent emails sent by criminals posing as the WHO.

This followed a warning from the US Federal Trade Commission about scammers spreading phishing ‘clickbait’ via email and social media, as well as creating fraudulent websites to sell fake antiviral equipment.

Elsewhere, cyber criminals have impersonated the US Center for Disease Control (CDC), creating domain names similar to the CDC’s web address to request passwords and even bitcoin donations to fund a fake vaccine.

Individuals in the UK have also been targeted by coronavirus-themed phishing emails with infected attachments containing fictitious ‘safety measures.’


#nationalcybersecuritymonth | Interos Completes Series B Funding to Drive Data Science


Interos announced it has raised $17.5 million in a Series B funding round to accelerate data science and engineering growth, expand personnel and boost sales to drive commercial momentum for its leading risk management platform.

The funding comes after Interos tripled its headcount, increased annual recurring revenue by 700% and hiked SaaS subscription bookings by 693% in 2019. With the funding, Interos expects to capitalize on last year's growth and more than double its personnel in 2020, hiring more staff to augment its proprietary software, which exposes critical risks in the global supply chain for leading private and public sector customers.

The round was led by first-time investor Venrock with participation from Kleiner Perkins.

"After a strong 2019, this funding shows Interos has already secured major support in 2020 from the world's most successful investors," said Jennifer Bisceglie, CEO and founder of Interos. "Like our customers, investors see the value of the Interos platform, which is critical for global businesses in 2020. From events like the coronavirus to political unrest, companies need a platform that exposes risks and identifies how events affect suppliers around the world the moment they happen."

“Interos is one of the most compelling big data and AI companies I’ve come across in the last decade,” said Nick Beim, Venrock partner. “Over the last 20 years, global supply chains have grown so rapidly and with so much opacity that most companies don’t know who they’re working with or who they’re dependent on. There’s so much data to gather to fully understand those risks, and Interos helps companies address these urgent, strategic issues with a brand new set of capabilities.”

Interos also recently added Phil Venables, a cybersecurity and risk expert, to its board of directors. Venables' distinguished career includes previously serving as Goldman Sachs' first chief information security officer and head of technology risk, and as its chief operational risk officer. Prior to his work at Goldman Sachs, Venables was the chief information security officer at Deutsche Bank. Venables serves on the executive committee of the U.S. Financial Services Sector Coordinating Council for Critical Infrastructure Protection, is co-chair of the Board of Sheltered Harbor, and is a member of the boards of the Center for Internet Security and the NYU Tandon School of Engineering. He is also an adviser to the cybersecurity efforts of the U.S. National Research Council and the Institute for Defense Analyses.

Interos has worked with the U.S. Department of Defense, NASA and Department of Energy critical infrastructure. Interos uses machine learning to build and maintain the world’s largest knowledge graph of over 50 million relationships to discover and monitor the entirety of a supplier ecosystem. Each month, Interos ingests over 85,000 information feeds, processing over 250 million risks a month. Interos instantly visualizes the most complex multi-tier relationships, updating and alerting to changes in risk along five factors: financial, operations, governance, geographic and cyber.

"In today's interconnected world, Interos is bringing clarity to the muddled, confusing nature of supplier relationships," said Ted Schlein, partner at Kleiner Perkins. "By automating due diligence, leveraging sophisticated technology and exposing vital risks, Interos shines a light on an otherwise opaque global supply chain."


#nationalcybersecuritymonth | Ways government, industry can overcome a perpetual challenge


A congressional report recommended that the federal government take several measures to improve its intelligence sharing relationship with industry through policy reviews and joint collaboration platforms.

The report, created by the Cyberspace Solarium Commission (made up of government and nongovernment cyber experts), presented 75 cyber policy recommendations, including the recognition that information sharing is a perpetual challenge both between feds and private industry and agencies within the federal government.

The report suggests that Congress direct the executive branch to undergo a six-month review of intelligence policies, procedures and resources to identify the pieces that inhibit the intelligence community from sharing information effectively.

“It needs to be done better in terms of higher level of collaboration [at] more senior levels between and among the government and private sector,” said Tom Gann, chief public policy officer at McAfee.

To start, the report calls on the federal government to create a “systemically important critical infrastructure” designation that would allow operators of that infrastructure to receive special assistance from the government to secure their systems.

The information sharing relationship between the government and industry needs to include more contextualized information, Gann said, which provides greater insight into the overall threat environment. Industry doesn’t need to know just that there’s new malware and who sent it, but also what organizations and senior leaders of actors might be involved, as well as motivations.

“It’s building as complete of a picture as you can of a threat environment on a day-to-day basis … which is so important,” Gann said.

There are some efforts within the federal government focusing on improving intelligence sharing with private industry. The Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security works with private and public sector partners to protect critical infrastructure. Another effort at the NSA’s Cybersecurity Directorate is focusing on intelligence sharing with the Defense Industrial Base.

To further those efforts, the report also suggests Congress fund the creation of a "Joint Collaborative Environment," which would host both classified and unclassified cyberthreat information, malware forensics and network data. The platform would share information with other federal agencies and owners of "important" critical infrastructure, eventually expanding to information sharing and analysis centers and a larger swath of critical infrastructure operators. The commission also proposed a Joint Cyber Planning Cell to coordinate cybersecurity planning efforts with the private sector.

The report also recognizes that the U.S. government doesn't know how to best serve the private sector with intelligence collection. In order to mitigate that, the report recommends that Congress mandate a "formal process to solicit and compile private-sector input to inform national intelligence priorities, collection requirements, and more focused U.S. intelligence support to private-sector cybersecurity operations."

The private sector was a critical piece of the commission’s three-pronged, layered deterrence strategy it recommended. Strengthening the feds’ relationship with the critical infrastructure operators was a key aspect of the report, as demonstrated by the participation of Tom Fanning, CEO of Southern Company, a utility company.

To further that relationship, the federal government and different cybersecurity providers, such as telecom and end-point security companies, may want to explore what it would look like to partner with the federal government and allow it to actively block malicious activity, said Michael Daly, chief technology officer for cybersecurity and special missions at Raytheon.

“I think there would be a benefit to us at least investigating that as an option — how could we use public-private partnerships to do more active blocking?” Daly said.

Daly added, “If we know that’s a malicious site, let’s not let our citizens go to it.”


#nationalcybersecuritymonth | The Web’s Bot Containment Unit Needs Your Help — Krebs on Security


Anyone who’s seen the 1984 hit movie Ghostbusters likely recalls the pivotal scene where a government bureaucrat orders the shutdown of the ghost containment unit, effectively unleashing a pent-up phantom menace on New York City. Now, something similar is in danger of happening in cyberspace: Shadowserver.org, an all-volunteer nonprofit organization that works to help Internet service providers (ISPs) identify and quarantine malware infections and botnets, has lost its longtime primary source of funding.

Image: Ghostbusters.

Shadowserver provides free daily live feeds of information about systems that are either infected with bot malware or are in danger of being infected to more than 4,600 ISPs and to 107 national computer emergency response teams (CERTs) in 136 countries. In addition, it has aided the FBI and other nations’ federal law enforcement officials in “sinkholing” domain names used to control the operations of far-flung malware empires.

In computer security lexicon, a sinkhole is basically a way of redirecting malicious Internet traffic so that it can be captured and analyzed by experts and/or law enforcement officials. Typically, a sinkhole is set up in tandem with some kind of legal action designed to wrest control over key resources powering a malware network.

Some of these interventions involving Shadowserver have been documented here, including the Avalanche spam botnet takedown, the Rustock botnet takeover, the Gameover malware botnet seizure, and the Nitol botnet sneak attack. Last week, Shadowserver was instrumental in helping Microsoft kneecap the Necurs malware network, one of the world's largest spam and malware botnets.

Image: Shadowserver.org

Sinkholing allows researchers to assume control over a malware network’s domains, while redirecting any traffic flowing to those systems to a server the researchers control. As long as good guys control the sinkholed domains, none of the infected computers can receive instructions about how to harm themselves or others online.

And Shadowserver has time and again been the trusted partner when national law enforcement agencies needed someone to manage the technical side of things while people with guns and badges seized hard drives at the affected ISPs and hosting providers.

But very recently, Shadowserver got the news that the company which has primarily funded its operations for more than 15 years, networking giant Cisco Systems Inc., opted to stop providing that support.

Cisco declined to respond to questions about why it withdrew funding. But it did say the company was exploring the idea of supporting the organization as part of a broader support effort by others in the technology industry going forward.

“Cisco supports the evolution of Shadowserver to an industry alliance enabling many organizations to contribute and grow the capabilities of this important organization,” the company said in a written statement. “Cisco is proud of its long history as a Shadowserver supporter and will explore future involvement as the alliance takes shape.”

To make matters worse, Shadowserver has been told it needs to migrate its data center to a new location by May 15, a chore the organization reckons will cost somewhere in the neighborhood of $400,000.

"Millions of malware infected victims all over the world, who are currently being sinkholed and protected from cybercriminal control by Shadowserver, may lose that critical protection – just at the time when governments and businesses are being forced to unexpectedly stretch their corporate security perimeters and allow staff to work from home on their own, potentially unmanaged devices, and the risk of another major Windows worm has increased," Shadowserver wrote in a blog post published today about their financial plight.

The Shadowserver Foundation currently serves 107 national computer emergency response teams (CERTs) in 136 countries, more than 4,600 vetted network owners and over 90% of the Internet, primarily by giving them free daily network reports.

"These reports notify our constituents about millions of misconfigured, compromised, infected or abusable devices for remediation every day," Shadowserver explained.

The group is exploring several options for self-funding, but Shadowserver Director Richard Perlotto says the organization will likely depend on a tiered “alliance” funding model, where multiple entities provide financial support.

“Many national CERTs have been getting our data for free for years, but most of these organizations have no money and we never charged them because Cisco paid the bill,” Perlotto said. “The problem for Shadowserver is we don’t blog about our accomplishments very frequently and we operate pretty quietly. But now that we need to do funding it’s a different story.”

Perlotto said while Shadowserver’s data is extremely valuable, the organization took a stance long ago that it would never sell victim data.

“This does not mean that we are anti-commercial sector activities – we definitely believe that there are huge opportunities for innovation, for product development, and to sell cyber security services,” he said. “Shadowserver does not seek to compete with commercial vendors, or disrupt their business models. But we do fundamentally believe that no-one should have to pay to find out that they have been a victim of cybercrime.”

Most immediately, Shadowserver needs to raise approximately $400,000 by the end of this month to manage the migration of its 1,300+ servers out of Cisco’s California data center into a new facility.

Anyone interested in supporting that migration effort can do so directly here; Shadowserver’s contact page is here.

Update 10:46 a.m., ET: Added comment from Cisco.


#nationalcybersecuritymonth | Agencies Post Opportunities for Reskilling Academy Grads to Use Their New Cyber Skills


As the Trump administration works to reskill current federal employees to meet the workforce needs of the 21st century, lead agencies are now making sure there are jobs for those trainees to transition to—at least temporarily.

Wednesday, the Office of Management and Budget and Office of Personnel Management, in conjunction with the Federal Chief Information Officers Council, announced the first wave of “temporary detail opportunities.” Nine positions were posted to the Open Opportunities job board, where current federal employees can find temporary or part-time work with other agencies to improve their skills.

While the details are open to any qualified federal employee, the latest push is intended to create opportunities for graduates of the Cyber Reskilling Academy.

“We cannot overcome the shortage in the federal cybersecurity workforce overnight,” Federal CIO Suzette Kent said Wednesday in a statement. “By continuing to invest and support reskilling programs, coupled with hands-on opportunities to apply those skills, the federal government is positioning itself to strengthen our cybersecurity workforce capabilities.”

The Reskilling Academy launched in April 2019 with an initial cohort of 25 students, plucked from more than 2,000 applicants from across government with no prior cybersecurity or IT background. Those students went through 13 weeks of training and came out the other side with a set of basic cyber defense skills. However, due to the nature of the federal employment hierarchy—known as the General Schedule—those graduates were not able to immediately transition to cybersecurity jobs.

OMB recognized the job placement issue and began looking at ways to move the program forward, including first broaching the idea in October of using Open Opportunities.

“By serving as a governmentwide bulletin board for short-term assignments, details and training opportunities around the federal government, Open Opportunities will help agencies tap into the valuable talent and skills we already have and are developing within government,” said OPM Director Dale Cabaniss.

The postings that went live Wednesday do not give a specific timeline for the details. However, back in October, OPM Principal Deputy Associate Director for Employee Services Veronica Villalobos told Nextgov the agency was looking at nine-month tours.

Three agencies—Homeland Security’s Cybersecurity and Infrastructure Security Agency, the Veterans Affairs Department and the Environmental Protection Agency—posted nine openings Wednesday to Open Opportunities, most with multiple positions available.

The posts contain a brief description of the office seeking assistance, a rundown of the tasks the employee will be asked to perform and a list of skills they should expect to leave with when the detail is done.

Most of the openings focus on policy and security assessments. For example, the VA opportunity is for a “junior IT specialist to prepare, deploy and transition DOD/VA electronic health records.” In this role, the detailee will work with the Office of Electronic Health Record Modernization to review documentation for the authority to operate—a certification verifying a baseline of cybersecurity for an application—and make edits and recommendations, as needed.

Similarly, CISA has two to five openings for GS-12 to GS-15 employees to serve as cyber policy and strategy planners. The position “[d]evelops policies and plans and/or advocates for changes in policy that support organizational cyberspace initiatives or required changes/enhancements,” per the posting, which cites the job description directly from the National Initiative for Cybersecurity Education, or NICE.

The administration is also looking to expand the Reskilling Academy outside of OMB. In the president’s 2021 budget proposal, OMB directed departments to include funding for a distributed reskilling effort run independently out of each agency but based on the central Reskilling Academy model. Per the plan, the administration hopes to reskill some 400,000 federal employees in cybersecurity, data science and other technology-focused areas.

Source link

The post #nationalcybersecuritymonth | Agencies Post Opportunities for Reskilling Academy Grads to Use Their New Cyber Skills appeared first on National Cyber Security.

View full post on National Cyber Security

#nationalcybersecuritymonth | Trump administration officials brief Congress on election security

Source: National Cyber Security – Produced By Gregory Evans

Top law enforcement and intelligence community officials briefed members of Congress on election security in a pair of panels Tuesday afternoon, telling lawmakers they had “nothing to support” the notion that Russian President Vladimir Putin favored one candidate or another or had ordered actions on any given candidate’s behalf. They said the Russian government’s objective was to sow discord in U.S. political processes, sources said. 

Three sources familiar with Tuesday’s briefing said there were inconsistencies between the election security assessment delivered Tuesday and the one given to the House Intelligence Committee last month.

It appeared to two sources familiar with both February’s and Tuesday’s briefings that the assessment delivered Tuesday was crafted to avoid saying the Russian government had established a preference for Mr. Trump, a conclusion that had been expressed by representatives from multiple intelligence agencies before that panel in February. 

Lawmakers were also briefed last month on Russia’s efforts to boost Democratic candidate Bernie Sanders’ campaign.

Separately, three sources also said the intelligence community has not yet furnished intelligence that members of both parties had requested in the February closed-door session that supported the assessment that the Russian government had developed a preference for President Trump. 

Richard Grenell, the acting director of national intelligence, was not among the officials briefing members of the House and Senate. President Trump made the controversial decision to tap Grenell as acting DNI last month. Grenell, the U.S. ambassador to Germany, has virtually no national intelligence experience.

Members heard from FBI Director Christopher Wray, Acting Homeland Security Secretary Chad Wolf, Cybersecurity and Infrastructure Security Agency Director Chris Krebs, and Assistant Attorney General John Demers, among other officials. Instead of Grenell, Bill Evanina, the director of the National Counterintelligence and Security Center, represented the Office of the Director of National Intelligence (ODNI).

An ODNI spokesperson said that the FBI and DHS are in charge of securing the U.S. elections, and the intelligence community was participating in the briefings “in support of that mission.” The intelligence community’s efforts are focused on “detecting and countering foreign election-related threats,” the spokesperson said. 

Shelby Pierson, the election security threats executive at ODNI, also did not appear at the briefing. Pierson’s position at ODNI appeared to be in jeopardy after the president learned she had delivered a February 13 assessment on, among other things, Russian election interference before lawmakers on the House Intelligence Committee. The assessment, which was based on intelligence collected by multiple agencies, indicated that Russia had established a preference for Mr. Trump, multiple sources familiar with the briefing told CBS News. 

The president was infuriated that Democrats on the committee, including Chairman Adam Schiff, who served as lead House manager during last month’s impeachment proceedings, were briefed on information that Mr. Trump feared could be used as a political weapon against him. He was informed of the briefing by House Republicans, though it is not clear how the substance of the briefing was characterized.

After learning of the briefing, Mr. Trump summoned Joseph Maguire, who had been serving as acting director since August, to explain why it had taken place. Days later, the president named Grenell to the role, and Maguire resigned from government. Administration sources have contended that Maguire’s ouster was unrelated to the president’s displeasure with the House briefing.

However, Pierson said in February that she would not be dismissed from her position and that she had the support of Grenell.

“Ambassador Grenell has not asked me to leave,” Pierson said. “In fact, he has encouraged and affirmed his support for my position here in the organization. I have not asked to depart nor discussed resignation in any way.”

Grace Segers contributed to this report.


#nationalcybersecuritymonth | New Windows Vulnerabilities Highlight Patch Management Challenges


Microsoft’s monthly “Patch Tuesday” is an important part of the cyber hygiene routine for anyone in IT (including home users). This month’s update proved to be a particularly critical one.

Early in January, the National Security Agency (NSA) alerted Microsoft to a major flaw in Windows 10 that could let hackers pose as legitimate software companies, service providers, websites, or others. “It’s the equivalent of a building security desk checking IDs before permitting a contractor to come up and install new equipment,” Ashkan Soltani, a security expert and former chief technologist for the Federal Trade Commission, told CNN.

Fortunately, Microsoft acted quickly and issued a critical update for the flaw, tracked as CVE-2020-0601, on January 14.

Despite this quick action, businesses and government have a habit of missing, ignoring, or delaying important patches and updates. They do so at their peril. In 2019, the majority of cybersecurity breaches were a result of unapplied patches. However, the reasons for this oversight are complicated and often unintentional.

Patch management — IT’s nightmare

Getting a handle on patch management is an unending challenge for IT and security teams. Last year, 12,174 common vulnerabilities and exposures (CVEs) were reported — making patching an almost impossible task for any organisation. In fact, it takes the average organisation 38 days to patch a vulnerability. Even then, 25% of software vulnerabilities remain unpatched for more than a year.

One of the biggest obstacles to frequent patching is that security teams struggle to identify everything that needs to be fixed. Understaffed and struggling with alert fatigue, it can be hard to identify the systems that are yet to be updated, prioritise remediation, and apply patches quickly.

To add to their workload, IT and cybersecurity teams must also make certain that the appropriate security policies are in place to ensure that users regularly update their PCs and devices, and don’t delay the inevitable “Windows Update”. Risk also extends beyond the four walls of the business.

Third- and fourth-party cyber risk is a big threat to businesses. 59% of breaches have their origins in vulnerable and unpatched third-party systems. The trouble is that vendor risk assessment questionnaires only offer a point-in-time view of the security posture of suppliers, partners, and sub-contractors, including whether their software is patched. This leaves IT in the dark.

Windows 7 — a new risk

Microsoft has been focused on closing gaps in its Windows 10 OS. This left Windows 7 users walking into a new cybersecurity landmine on January 14, 2020. Microsoft ended support for the nine-year-old OS and will no longer issue security patches or updates.

This is particularly problematic, since almost 70% of organisations are still using Windows 7 in some capacity. It leaves them susceptible to a security issue, attack, or breach — unless they purchase extended support from Microsoft or upgrade to Windows 10.
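The two checks the article calls for, finding hosts that have fallen behind the patching cadence and finding hosts still running an operating system the vendor no longer patches, can be run over an ordinary asset inventory. The following is an added example written for this page; it is not BitSight's product or code and does not come from the original article. The 38-day window and the Windows 7 end-of-support date are the figures quoted above; the host names, owners and dates are constructed sample data, and the "owner" field is an assumption used to separate internal systems from third-party ones.

```python
"""Patch-cadence and end-of-support check over a constructed host inventory.

Added example for this page, not BitSight's product or code. Thresholds come
from the article (38-day average time to patch; Windows 7 support ended
2020-01-14). Hosts, owners and dates below are constructed sample data.
"""
from collections import Counter
from dataclasses import dataclass
from datetime import date

# Hosts whose last security update is older than this are flagged as overdue
# (the article's figure for the average time to patch).
OVERDUE_DAYS = 38

# Operating systems that no longer receive vendor security patches, with the
# date support ended (date from the article).
END_OF_SUPPORT = {"Windows 7": date(2020, 1, 14)}

# Assessment date for the sample run (constructed).
REFERENCE_DATE = date(2020, 2, 1)


@dataclass(frozen=True)
class Host:
    name: str
    os: str
    owner: str          # "internal" or the name of a third party (assumed field)
    last_patched: date  # date the last security update was applied


# Constructed inventory: a mix of internal and third-party systems.
SAMPLE_HOSTS = [
    Host("fs-01", "Windows 10", "internal", date(2020, 1, 15)),
    Host("hr-02", "Windows 10", "internal", date(2019, 12, 1)),
    Host("kiosk-03", "Windows 7", "internal", date(2020, 1, 10)),
    Host("vendor-vpn", "Windows 10", "Acme Logistics", date(2019, 10, 20)),
    Host("vendor-db", "Ubuntu 18.04", "Acme Logistics", date(2020, 1, 25)),
]


def assess(hosts, today):
    """Return (host, reason, days_since_patch) for every host needing action.

    End-of-support systems come first: no patch can fix them, so the only
    remediation is upgrade or paid extended support. Overdue hosts follow,
    oldest patch level first, which gives a simple remediation priority.
    """
    findings = []
    for h in hosts:
        age = (today - h.last_patched).days
        eol = END_OF_SUPPORT.get(h.os)
        if eol is not None and today >= eol:
            findings.append((h.name, "end-of-support OS", age, 0))
        elif age > OVERDUE_DAYS:
            findings.append((h.name, "overdue patch", age, 1))
    findings.sort(key=lambda f: (f[3], -f[2]))
    return [(name, reason, age) for name, reason, age, _ in findings]


def by_owner(hosts, findings):
    """Count findings per owner so third-party exposure is visible separately."""
    owner_of = {h.name: h.owner for h in hosts}
    return dict(Counter(owner_of[name] for name, _, _ in findings))


if __name__ == "__main__":
    report = assess(SAMPLE_HOSTS, REFERENCE_DATE)
    for name, reason, age in report:
        print(f"{name:12} {reason:18} last patched {age:3d} days ago")
    print("findings by owner:", by_owner(SAMPLE_HOSTS, report))
```

Run as written, the report lists the Windows 7 kiosk first (its patch level is only 22 days old, but the OS itself is out of support), then the two Windows 10 hosts whose last update is older than 38 days, with the third-party VPN host ahead of the internal HR host because it has gone longer without patching. Feeding the same function a real inventory export and a current `today` is the only change needed to use it outside the sample.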

Fixing the patch management challenge

Maintaining a frequent patching cadence is critical to mitigating cyber risk, but it doesn’t have to be a nightmare.

With the BitSight Security Ratings platform, your organisation can shine a spotlight on vulnerable, unpatched systems and out-of-date operating systems. It provides insight for both internal systems and across nth parties (partners, vendors, customers, etc.). Using these insights, IT teams can prioritise which patches are most critical and take steps to measurably reduce risk. In addition, security ratings make it easier to share actionable security information with other business functions.

This information allows teams to collaborate with each other on pressing security issues. It also helps reduce risk across your business ecosystem. Furthermore, because patching cadence is indicative of the likelihood of a breach, it has stepped into the spotlight as something the Board and C-suite are interested in. Security ratings mean this conversation becomes much easier. Information about vulnerabilities is provided in a straightforward and non-technical way that is easy for everyone to understand.

Organisations can also share security ratings with partners. This allows third parties to identify and rectify issues and blind spots in their systems and software — continuously and in real-time, without waiting on lengthy audits or assessments.

Time is of the essence

As the recent Windows 10 critical update shows, organisations must do everything they can to stay on top of their patching cadence and that of their vendors.

But there’s no need for organisations to be paralysed by the sheer volume of ongoing patches. Learn more about how BitSight can help.


BitSight (https://www.bitsighttech.com/) transforms how companies manage third and fourth party risk, underwrite cyber insurance policies, benchmark security performance, and assess aggregate risk with objective, verifiable and actionable Security Ratings.


#nationalcybersecuritymonth | Trump sends top adviser to warn against Huawei


U.S. President Donald Trump is dispatching his point man on Huawei Technologies to Ottawa Monday to press the Trudeau government on barring the Chinese telecom giant from next-generation 5G wireless networks in Canada.

Robert Blair, White House special representative for international telecommunications, will be laying out U.S. national-security objections over Huawei’s 5G wireless gear in a meeting with Public Safety Minister Bill Blair and senior officials from the departments of Innovation, Foreign Affairs and Defence, Canadian and U.S. sources say. The Globe and Mail is keeping their names confidential because they are not authorized to publicly comment on the matter.

The U.S. source said that the special representative, who is deputy White House chief of staff as well, will also warn Canada that it could lose access to sensitive intelligence if Huawei is allowed to sell its 5G gear to Canadian wireless carriers.


This is the first high-level U.S. visit to Ottawa that is solely in support of the U.S. campaign to press allies to bar Huawei from Western telecommunications infrastructure.

Washington had also planned to send deputy national-security adviser Matthew Pottinger and economic adviser Larry Kudlow, but they had to cancel to deal with the coronavirus crisis, according to the sources.

The Trump administration, U.S. national intelligence agencies and Congress have led a global campaign against Huawei, arguing that it poses a risk to Western national security. Other countries building 5G networks without Huawei for this reason include Australia, South Korea, India, Japan and Taiwan.

Canada is the only member of the Five Eyes intelligence-sharing alliance – the others are the U.S., Australia, New Zealand and Britain – which has yet to decide whether to bar Huawei from 5G.

Australia, which is more heavily dependent on Chinese trade, has joined the U.S. ban of Huawei, and New Zealand has rejected one wireless carrier’s proposal to use Huawei gear in a 5G network.

Britain angered Washington last month when it took a different course than other Five Eyes members. It rejected U.S. calls for a ban and instead limited Huawei to 35 per cent of the British telecommunications market, banned it from sensitive areas and promised regular testing of Huawei gear for any possible backdoors.

Canada has been conducting a cybersecurity review since last year but has given no indication when a decision will be forthcoming despite pleas from Canada’s telecom carriers for Ottawa to make an announcement. Even with the review under way, Telus announced last month that it would proceed to build its 5G network with Huawei gear.


The Globe has reported that the Canadian military and Canadian Security Intelligence Service want Huawei barred while the Communications Security Establishment, which handles cybersecurity, believes Huawei gear can be tested and monitored for possible backdoors.

The department of Innovation, Science and Industry is also involved in evaluating whether to allow Huawei into the country’s 5G networks.

Innovation Minister Navdeep Bains said last week – in an apparent reference to the U.S. campaign against Huawei – that Canada “won’t get bullied by any other jurisdiction” in its decision.

When the CBC’s Power & Politics asked Mr. Bains whether he was referring to the Trump administration, he said: “Maybe that was the wrong choice of words. …We won’t be influenced by other jurisdictions. We will make our own independent decision.”

Asked again if he felt that the United States was “bullying Canada”, Mr. Bains said “countries have raised their concerns.”

Separately, Foreign Affairs Minister François-Philippe Champagne has hired an adviser on Asia-Pacific matters who, in a paper published online last December, advised against Canada allowing itself to be drawn too deeply into a U.S.-China conflict.


“Given deepening U.S.-China antagonism, there is a danger that Canada is siphoned into a higher-level sharp conflict of hearts and minds against China, which would not serve Canadian interests,” University of Ottawa professor Pascale Massot wrote in a paper titled Global order, U.S.-China relations and Chinese behaviour: The ground is shifting, Canada must adjust.

“The current dominant narrative depicting China as a threat to the global order creates a hunkering down mentality and is not conducive to seeing the global order’s limitations and need for reform or to engaging system outsiders in a constructive way,” she wrote.

“A key question for Canadian foreign policy going forward will be how to carve room for manoeuvre given the triangular nature of the U.S.-China-Canada relationship.”

There is a bipartisan consensus in the U.S. Congress that Huawei should be banned. Republicans in both houses have even tabled legislation to ban intelligence sharing with allies that use Huawei 5G gear.

Last year, the Democratic vice-chair of the U.S. Senate intelligence committee, Mark Warner, urged Canada to set aside any ill feelings toward Mr. Trump and join the U.S. in blacklisting Huawei.


#nationalcybersecuritymonth | Rochdale News | News Headlines | Internet savvy Whitworth girls reach semi-final of national competition


Date published: 05 March 2020

Three students from Whitworth Community High School got to pit their skills against other schools in the semi-final of a national competition held at PricewaterhouseCoopers’ office in Leeds.

Grace Campbell-Ousey, 12, Skye Wilkinson, 12, and Elizabeth Gack, 12, were selected for the second round of the CyberFirst Girls Competition, set up by GCHQ’s National Cyber Security Centre.

The competition is aimed at promoting the industry as a career option to girls to increase diversity in the workforce.

Skye said: “The top 12 girls were split into groups of three for the first part of the competition which we completed online.

“We had four categories, networking, logic and coding, cryptography and cyber security, and we had a series of tasks at beginner, intermediate and expert levels.

“There was a lot of pressure and we had four hours, with a break for lunch, in which to complete as many tasks as we could.”

Both Grace and Elizabeth said they enjoyed the networking tasks best, but Grace said the cryptography was hard. Although all the tasks offered hints, using a hint cost points.

Skye said: “My favourite part was speaking to the people who were running the competition and I learnt a lot from what they had to say.”

The competition certainly inspired Skye and Grace because they have both signed up for a development day workshop at a university in June and they are looking at computing careers.
