It’s undeniable that Machine Learning (ML) is changing the game for securing cloud infrastructure. Security vendors have rapidly adopted ML as part of their solutions, and for good reason: By analyzing massive quantities of data, it can help identify threats, speed incident response, and ease the burden on over-taxed security operations teams.
Following months of virtual meetings, testimony and study, U.S. Attorney General William P. Barr submitted the final report of the President’s Commission on Law Enforcement and the Administration of Justice to the White House. This report represents the first comprehensive study of law enforcement in more than 55 years.
The Department of Homeland Security (DHS) issued a business advisory to American businesses warning of risks associated with the use of data services and equipment from firms linked to the People’s Republic of China (PRC).
Meet Ali Golshan, CTO and co-founder at StackRox, a Mountain View, Calif.-based leader in security for containers and Kubernetes. Prior to StackRox, he was the Founder & CTO of Cyphort (acquired by Juniper Networks) and led the company's product strategy and research initiatives. Previously, he worked as a security researcher and engineer at Microsoft and PwC. His career started in government, conducting security and vulnerability research for the intelligence community. Here, we talk to Golshan about the benefits of DevOps.
The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) published the Resilient Positioning, Navigation, and Timing (PNT) Conformance Framework today. PNT services, such as the Global Positioning System (GPS), is a national critical function that enables many applications within the critical infrastructure sectors. This framework will inform the design and adoption of resilient PNT systems and help critical infrastructure become more resilient to PNT disruptions, such as GPS jamming and spoofing.
COVID-19 has accelerated a variety of global trends. Some of these are perhaps ultimately good, for example moves towards more investment in AI and automation, or a growing focus on taking this opportunity to making lasting changes to benefit the environment. Many others are, however, quite concerning. Continued threats to the global order, the likelihood of states testing the resolve of the new U.S. administration, and increasingly polarized populations are all factors that will dominate 2021.
As organizations bring their employees back to the workplace, many are looking to leverage location technology as a means to increase safety. Return-to-work solutions ranging from digital contact tracing and social distancing monitoring to sanitation alerts and occupancy analytics are being explored and embraced in varying degrees around the world. However, it’s imperative that any technology deployed works a double shift to also provide value in the post-pandemic times. The same location technology infrastructure used to address infection prevention and mitigation can be used to complement and enhance traditional security efforts.
CISA has updated AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations, originally released December 17. This update states that CISA has evidence of, and is currently investigating, initial access vectors in addition to those attributed to the SolarWinds Orion supply chain compromise. This update also provides new mitigation guidance and revises the indicators of compromise table; it also includes a downloadable STIX file of the IOCs.
Meet Issak Davidovich, Vice President of Research and Development at C2A Security. According to Davidovich, the implementation of driver assistance technologies and cybersecurity goes hand-in-hand, and the auto industry is taking its first steps on creating in-vehicle security standards. Here, we talk to him about what this means for automotive cybersecurity.
In response to ongoing cybersecurity events, the National Security Agency (NSA) released a Cybersecurity Advisory “Detecting Abuse of Authentication Mechanisms.” The advisory provides guidance to National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) network administrators to detect and mitigate against malicious cyber actors who are manipulating trust in federated authentication environments to access protected data in the cloud.