The Center for Internet Security has, for years, built a list of recommended controls and sold tools to help you manage that. The controls are very IT centered and don’t really cover governance, but the controls can be a good piece of your information security strategy. For as long as I can remember, there were […]
Continue reading → [DISPLAY_ACURAX_ICONS]As I said yesterday, some EOs are a couple of paragraphs long. This one goes on for pages. Today’s post is going to cover the section of the EO that addresses supply chain risk. Supply chain risk, as we saw in both the SolarWinds and Microsoft Exchange attacks, is a huge problem. So what does […]
Continue reading → [DISPLAY_ACURAX_ICONS]While this EO and almost all EOs only affect what executive branch agencies do, it is likely that it will have a big effect on cybersecurity in general. Here are some requirements: The government uses a lot of commercial cloud software. Current contract terms may limit what data a cloud provider is allowed to share […]
Continue reading → [DISPLAY_ACURAX_ICONS]If You Thought the FTC Was Toothless Before, Just Wait I always complained that the FTC’s penalties were way too meek. Now I understand why, but it has just gotten MUCH worse. 99.99% of the blame goes to Congress. Initially, the FTC could not bring lawsuits against businesses at all. All they could do was […]
Continue reading → [DISPLAY_ACURAX_ICONS]The saga of the Colonial Pipeline hack continues. Colonial says that there is fuel flowing through the pipeline again but it will take time to get all of the tributary lines operational. But more importantly, many sources are reporting that Colonial paid $5 million in cryptocurrency to the Russian hackers on Friday, contradicting earlier reports […]
Continue reading → [DISPLAY_ACURAX_ICONS]It is interesting that this attack has captured the attention of consumers and government alike. For those of you not affected, the Colonial Pipeline company runs the major pipeline for refined petroleum products between Houston and New Jersey with many stops in between. The pipeline covers 5,500 millions and moves 100 million gallons of fuel […]
Continue reading → [DISPLAY_ACURAX_ICONS]