IBM Security has released its organizational cyber resiliency report for 2020.  This year’s report, based on research from the Ponemon Institute is based on a survey of IT and cybersecurity experts from around the world.  The National Institute of Science and Technology (NIST) defines cyber resiliency as a merging of systems engineering, resilience engineering, and

The National Institute of Standards and Technology (NIST) has released a baseline guidance for IoT device Cybersecurity.  IoT or Internet of Things refers to computing devices that integrate physical and/or sensing capabilities and network interface capabilities.  Providing security for these devices becomes more challenging as they become smaller, more prevalent, and capable. The Growth of

Mobile Banking Apps Warning The FBI issued a mobile banking apps warning on June 10, 2020.  Many people are now switching over to mobile bank apps to limit visits to the bank during the Covid-19 pandemic.  The agency is concerned that this increased usage presents opportunities for exploitation from cyber actors.  The chief concern is

Industrial Control System Cybersecurity Guidance for Industrial Control System (ICS) Cybersecurity was released on May 22, 2020.  This two page infographic is a joint release from the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Energy (DOE), and the UK’s National Cyber Security Centre (NCSC).  This release addresses the urgent need for owners and

Cyberspace Solarium Commission Report – March 2020 The Cyberspace Solarium Commission Report, released in March 2020, paints a grim picture of the level of cyber vulnerability in the United States.  It stresses the need for immediate action from both the public and private sectors to deter looming catastrophe.  The report focuses on strategic approaches to

Cybersecurity Alert Issued by United States and United Kingdom A cybersecurity alert for healthcare and essential services was filed jointly by the United States and the United Kingdom.   The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the U.K. National Cyber Security Centre (NCSC) issued the alert on May 5, 2020.  These agencies have detected

CMMC Still on Schedule Despite Covid-19 Setbacks The Cybersecurity Maturity Model Certification (CMMC) is still on schedule according to an article posted by National Defense Magazine on April 22, 2020.  CMMC was developed by the Department of Defense and industry as an effective means of implementing a risk based management approach to cybersecurity.  The first

Apple Email App Vulnerabilities Found in Over Half a Billion Devices Apple Email App Vulnerabilities in iPhone and iPad were reported by ZecOps, a mobile security forensics company on April 20, 2020.  These vulnerabilities have existed since the release of iPhone 5 in September of 2012.  The vulnerabilities allows attackers to remotely infect a device

U.S. Government Provides Guidance on North Korean Cyber Threat Guidance was provided on the North Korean cyber threat by the U.S. Departments of State, the Treasury, Homeland Security, and the Federal Bureau of Investigation on April 15, 2020.  North Korea, formally known as the Democratic People’s Republic of Korea (DPRK) continues to pose a significant

Cybersecurity Vulnerabilities Exploited During Coronavirus Crisis Businesses are being strained during the Coronavirus epidemic and Cybersecurity Issues are on the rise.  Cyber criminals and hostile nation states are wasting little time in exploiting the vulnerabilities this crisis has created.  Remote Work Protocols Working remotely has been growing at an exponential rate.  While cybersecurity can be

Unsecured Database Exposed 200 Million on Cloud An unidentified party’s unsecured database exposed 200 million U.S. citizens’ sensitive data.  A CyberNews research team discovered the database which contained 800 gigabytes of unsecured data on a Google Cloud server.  The data included among other data, names, dates of birth, credit ratings, addresses, mortgage and tax records

The FBI Investigating HHS Cyberattack During Coronavirus Crisis The AP reported that Attorney General William Barr has announced that the FBI is investigating the HHS Cyberattack that took place on March 16, 2020 for the involvement of foreign governments.  The incident that was originally reported on Sunday March 16, 2020 by Bloomberg, involved a cyberattack

Business Cybersecurity Report Card for 2019 There are growing concerns for business cybersecurity to meet the challenges of today’s hostile environment.  The international insurance underwriter Hiscox recently released its Hiscox Cyber Readiness Report 2019 and the news was not good.  The report showed that the number of cyber attacks has increased and that businesses of

Understanding CMMC Requirements History Understanding CMMC Requirements is critical for businesses of all sizes in the defense industry.  A key to establishing effective Cybersecurity Maturity Model Certification (CMMC) is knowing what led to its development. Executive Order 13806 In 2017 President Donald Trump signed Executive Order 13806 Assessing and Strengthening the Manufacturing and Defense Industrial

What is Cybersecurity Maturity Model Certification? The Office of the Under Secretary of Defense for Acquisition & Sustainment has released the Cybersecurity Maturity Model Certification program.  The program will be made effective in new programs released by the Department of Defense (DoD) and will be a requirement for product and service providers.  This program has