When Tom Glocer was serving as a top executive at Reuters, the business news and information provider, cybersecurity was rarely the main story. But in the roughly ten years since he’s left the firm, the finance sector has been rocked by cyberattacks and internet-enabled bank fraud, including multimillion-dollar nation-state heists and data breaches that have cost CEOs their jobs…
DHS chief: Cyber workforce sprint will be department’s ‘most significant hiring initiative’ in history
The head of the Department of Homeland Security kicked off the agency’s cybersecurity workforce “sprint” today, framing it as an ambitious effort to increase diversity and prepare the government for emerging threats. “We’re extraordinarily energetic about this effort and we intend to execute the most significant hiring initiative the Department of Homeland Security has undertaken in its history,” said Secretary Alejandro Mayorkas at a virtual event hosted by the U.S. Chamber of Commerce…
Cybercrime presents a range of challenges for law enforcement officials around the globe. Investigating and responding to these incidents requires technical expertise, the ability to see beyond borders, and the willingness to pursue cases when attribution may be incredibly difficult, just to name a few. “Generally, [law enforcement agencies] know who the traditional criminals are, but have a hard time to prove what they are doing. In cyber, this is turned around,” says Erik van de Sandt, operational specialist with the Dutch National Police’s National High Tech Crime Unit. “They know what crimes are committed, but not who are behind these acts.”
As someone who has been in the cybersecurity business for three decades, it might come as a surprise that Ted Schlein wants to tear a lot of it up. Schlein, a 25-year veteran of the venture capital giant Kleiner Perkins, thinks both the government and private sector need to embrace radical change to stay competitive in cybersecurity. Companies are too dependent on outdated technologies and practices, like passwords and signature-based detection tools, Schlein says. Organizations and developers must adopt new technologies if they’re going to defend against new threats like deepfakes and SolarWinds-style attacks….
SolarWinds’ chief information security officer defended the company’s practices and technology on Wednesday, saying the attack it experienced at the hands of Russia’s foreign intelligence agency last year wasn’t one that most companies would be prepared for. “We ran a pretty good shop, we had pretty good technology,” Tim Brown, the company’s CISO and vice president of security, said during a webcast hosted by the insurance firm Marsh. “We’ve had four months of inspections and we found things to fix, but it wasn’t like we were super dirty—there wasn’t sloppiness, there wasn’t malware all over our environment.”
Last fall, Ronnie Tokazowski, a senior threat researcher at security firm Agari and a well-known figure in the cybersecurity community for his extensive knowledge of business email compromise (BEC) cybercrime, went on YouTube to ask for help in financing a very unique project aimed at experimenting with a new way of fighting BEC crime in Nigeria, the home of most BEC gangs.
Last spring, professional services firm Deloitte published a study that ranked Singapore as the most exposed country to cyberattacks in the Asia-Pacific region. The city-state was also deemed the most prepared at defending against them. Over the last decade, Singapore has aggressively rolled out a slew of cybersecurity initiatives aimed at protecting its nearly 6 million highly-connected citizens from cyber threats. As a global financial and shipping hub, it took early steps at bolstering critical infrastructure security and reducing barriers to information sharing. More recently, the country has rolled out cybersecurity labels for consumer smart devices, and awards marks of distinctions to companies that have invested heavily in cybersecurity….
‘They knew I was running late to meetings’: Former DHS chief on reports that SolarWinds hackers targeted his emails
Former Acting Secretary for the Department of Homeland Security Chad Wolf on Monday recounted the intense first days of the SolarWinds crisis, and remarked on recent reports that the suspected Russian hackers behind the attack had gained access to his email account. “My first question was: were these unclassified email accounts? The answer was yes,” Wolf said at a virtual talk hosted by the Heritage Foundation. “It’s still concerning, but it would have been even more of a concern if they had access to the lines that DHS does its most sensitive work on.”
The Biden administration on Monday said it has picked two National Security Agency veterans to serve in top cybersecurity leadership roles. Chris Inglis will be nominated to serve as the country’s first National Cyber Director, and Jen Easterly will be tapped to run the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, or CISA. Both positions require Senate confirmation, which could take several months…
The top official at the Department of Homeland Security announced today a series of 60-day cybersecurity-focused “sprints” aimed at focusing the department’s efforts on ransomware, industrial control systems, and other priorities. Alejandro Mayorkas, who was sworn in as DHS Secretary last month, said during a virtual talk hosted by the RSA Conference that his department is working on a proposal for a “Cyber Response and Recovery Fund” to provide assistance to state, local, tribal and territorial governments dealing with cyberattacks….