CISA Releases Secure by Demand Guidance

CISA and the Federal Bureau of Investigation (FBI) have released Secure by Demand Guide: How Software Customers Can Drive a Secure Technology Ecosystem to help organizations drive a secure technology ecosystem by ensuring their software manufacturers prioritize secure technology from the start.
An organization’s acquisition staff often has a general understanding of the core cybersecurity requirements for a particular technology acquisition. However, they frequently don’t assess whether a given supplier has practices and policies in place to ensure that security is a core consideration from the earliest stages of the product development lifecycle.
This guide provides organizations with questions to ask when buying software, considerations to integrate product security into various stages of the procurement lifecycle, and resources to assess product security maturity in line with secure by design principles.
This guide complements the recently published “Software Acquisition Guide for Government Enterprise Consumers: Software Assurance in the Cyber-Supply Chain Risk Management (C-SCRM) Lifecycle”.
CISA encourages organizations to review both the Secure by Demand Guide and Software Acquisition Guide and implement recommended actions.

DHS Deploys Pilot Programs, Expands Efforts to Leverage AI to Secure Nation’s Critical Infrastructure

It has been over 270 days since President Biden issued his landmark Executive Order (EO) 14110, “Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence,” ensuring that the United States leads the world in seizing the promise of Artificial Intelligence (AI) while addressing its risks. Throughout its AI-related efforts, the Department of Homeland Security (DHS) has maintained a clear set of principles and robust governance that prioritizes the protection of civil rights, civil liberties, and privacy, and increased its engagement with affected communities.
Conducted New AI Pilot to Identify and Combat Vulnerabilities in Critical United States Government Software, Systems, and Networks
- As directed in Executive Order 14110 and on behalf of DHS, the Cybersecurity and Infrastructure Security Agency (CISA) developed, conducted, and completed an operational pilot using AI capabilities to support CISA’s cybersecurity mission in the detection and remediation of vulnerabilities in critical United States Government software, systems, and networks.
- Through this operational pilot, CISA examined whether current vulnerability detection software products that use AI, including large language models, are more effective at detecting vulnerabilities than those that do not use AI.
- The report found that the best use of AI for vulnerability detection currently lies in supplementing and enhancing, as opposed to replacing, existing tools.
- AI tools are improving constantly, and CISA will continue to monitor the market and test tools to ensure CISA’s vulnerability detection capabilities remain state-of-the-art.
Developed an AI International Engagement Plan for Collaboration with Allies and Partners
- DHS developed a comprehensive strategy of engagement on AI and critical infrastructure with our international allies and partners, including Canada, Mexico, the European Union (EU), and Five Eyes partners, covering everything from cybersecurity to transnational infrastructure. This collaborative strategy identifies ways for the United States and its allies to detect, deter, and prevent threats at the nexus of AI, cyber, and critical infrastructure security.
- The efforts outlined in the strategy include sharing lessons learned and threat information, and identifying and collaborating on new opportunities and risks, through existing and novel international forums. DHS will engage across the spectrum with our closest security allies, in support of the Biden-Harris Administration’s AI contact group of nations, multilateral efforts such as the G7 and the Organization for Economic Cooperation and Development, and pivotal bilateral engagements with countries, including those with shared critical infrastructure.
Hired 15 New Experts to the “AI Corps” Who are Helping Responsibly Leverage AI Across DHS Mission Areas
- As part of the Department’s “AI Corps” hiring sprint, DHS has onboarded the first cohort of 15 AI experts from the private and public sectors to play pivotal roles responsibly leveraging AI across strategic mission areas in the Department. The AI Corps is one of the most significant AI-talent recruitment efforts of any federal civilian agency, aiming to hire 50 AI experts to enhance service delivery and impact the homeland security mission while safeguarding privacy, civil rights, and civil liberties.
- AI Corps members are currently working with the DHS Supply Chain Resilience Center to investigate how AI could be used to forecast the impacts of critical supply chain disruptions to public safety and security; working with DHS Science & Technology (S&T) to develop test and evaluation (T&E) requirements across the lifecycle of an AI system; and leveraging generative AI to support the work of Homeland Security Investigations (HSI) to combat fentanyl, human trafficking, child exploitation, and other criminal networks.
- In addition to the AI Corps, the DHS Office of Partnership and Engagement (OPE) hired a new Senior Director for Artificial Intelligence to further build the Department’s engagement on AI across sectors, meeting a commitment outlined in the AI Roadmap and establishing a channel for ongoing stakeholder feedback and information sharing.
Convened the AI Safety and Security Board and Took Steps to Bolster AI Safety and Security
- At the President’s direction, Secretary of Homeland Security Alejandro N. Mayorkas established the AI Safety and Security Board (AISSB), an unparalleled gathering of AI leaders representing prominent companies in the hardware and software industries, AI model labs, critical infrastructure owners and operators, civil rights leaders, and federal, state, and local officials. The President directed the Board to provide to the Secretary and the critical infrastructure community advice, information, and recommendations on the safe and secure development and deployment of AI.
- The Board convened its inaugural meeting in May 2024. Since then, the Department and the Board have been developing guidance and standards of practice to improve AI safety and security across the AI ecosystem. The deployment of safe, secure, and trustworthy AI generates consumer trust and fuels adoption and innovation. AI can substantially improve the services the nation’s critical infrastructure provides, if we secure systems against safety and security threats.
Met with 16 Groups to Better Ensure Civil Rights, Civil Liberties and Privacy Are Protected in AI Adoption
- Through the DHS Artificial Intelligence Task Force, the DHS Office for Civil Rights and Civil Liberties (CRCL), in collaboration with the DHS Privacy Office, leads efforts to develop tailored approaches to provide guidance, risk assessment, mitigation strategies, and oversight for the protection of civil rights and civil liberties in projects championed by the DHS AI Task Force.
- In March 2024, the Department launched the AI Roadmap, which details plans to test uses of the technologies that deliver meaningful benefits to the American public and advance homeland security, while ensuring that individuals’ privacy, civil rights, and civil liberties are protected.
- Under the leadership of the DHS Office of Partnership and Engagement (OPE), the Department is exercising its commitment to ensure increased engagement on the development and deployment of AI with community-based organizations; civil-rights and civil-liberties organizations; academic institutions; industry; State, local, Tribal, and territorial governments; and other stakeholders. Building on an initial series of AI and civil rights engagements led by OPE with DHS leadership in Spring 2024, OPE facilitated engagement for Secretary Mayorkas with civil society leaders to discuss the AI Roadmap. In his engagement, the Secretary emphasized the AI Roadmap’s direction to ensure the responsible and trustworthy use of AI and explicit commitment to continued partnerships and engagement with civil society. The Department has continued to engage with multiple civil society, academic, industry and other organizations to discuss privacy, civil rights, and civil liberties protections and impacts and how they are being addressed through the DHS AI Roadmap.
These efforts build and expand on the Department’s ongoing AI initiatives announced earlier this year to facilitate the safe and responsible deployment and use of AI in the federal government, critical infrastructure, and the U.S. economy.

Microsoft Pushes for Windows Changes After CrowdStrike Incident

Over the past 10 days, CrowdStrike and Microsoft have been working around the clock to help customers affected by the massive Windows BSOD outage caused by a faulty CrowdStrike update. Along with providing remediation steps, CrowdStrike has already published its Preliminary Post Incident Review for the outage. According to that report, the BSOD was caused by a memory safety defect: an out-of-bounds read in its csagent.sys kernel driver.
In the wake of a major incident that affected millions of Windows PCs, Microsoft is calling for significant changes to enhance the resilience of its operating system. John Cable, Microsoft's vice president of program management for Windows servicing and delivery, said there was a need for "end-to-end resilience" in a blog post, signaling a potential shift in Microsoft's approach to third-party access to the Windows kernel.
Microsoft published its own detailed technical analysis of the outage. It confirmed CrowdStrike's finding that the crash was an out-of-bounds read memory safety error in the csagent.sys driver. csagent.sys is registered on a Windows PC as a file system filter driver, so it receives notifications about file operations such as file creation or modification; this is what lets security products, CrowdStrike's included, scan every new file written to disk.
Microsoft recommends that security solution providers balance needs such as visibility and tamper resistance against the risk of running in kernel mode. For example, a minimal kernel-mode sensor can handle data collection and enforcement, keeping the amount of code whose failure takes down the system small, while the remaining functionality, such as managing updates, parsing content and other operations, runs isolated in user mode, where a crash or a malformed input does not bring down the kernel.
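The following C program is an added illustration of the two points above: the class of defect (a kernel-mode content interpreter indexing past the end of a record supplied by a content update) and the mitigation (a bounds check that fails closed, plus validation of an update before it reaches the kernel sensor). It is constructed for this page and is not CrowdStrike's or Microsoft's code; the record and template layouts, field counts and values are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Constructed illustration, not CrowdStrike's or Microsoft's code.  A
 * kernel-mode "content interpreter" evaluates templates against records
 * delivered by a content update.  The layouts are hypothetical; the point
 * is the bounds check and the pre-load validation.
 */

struct record {
    size_t   nfields;   /* number of fields this record actually carries */
    uint32_t field[];   /* exactly nfields entries are allocated */
};

struct template {
    size_t   nfields_expected;  /* field count the template was written against */
    size_t   match_field;       /* index the template reads */
    uint32_t match_value;
};

enum { MATCH_OK = 0, MATCH_BAD_INDEX = -1 };

/* VULNERABLE: trusts that the record has at least match_field + 1 fields.
 * If an update ships shorter records, this reads past the allocation.  In
 * kernel mode an invalid read of this kind faults and bugchecks the machine. */
static int matches_unchecked(const struct template *t, const struct record *r)
{
    return r->field[t->match_field] == t->match_value;
}

/* HARDENED: check the index against the record's real length and fail
 * closed (report an error, do not evaluate) instead of reading out of bounds. */
static int matches_checked(const struct template *t, const struct record *r, int *matched)
{
    if (t->match_field >= r->nfields)
        return MATCH_BAD_INDEX;
    *matched = (r->field[t->match_field] == t->match_value);
    return MATCH_OK;
}

/* Pre-load validation: accept an update only if every template is
 * self-consistent and every record is at least as long as the templates
 * expect.  Running this in user mode before content reaches the kernel
 * sensor is the kernel/user split described above; a rejected update
 * leaves the previously loaded content in place. */
static int validate_update(const struct template *ts, size_t nt,
                           const struct record *const *rs, size_t nr)
{
    for (size_t i = 0; i < nt; i++) {
        if (ts[i].match_field >= ts[i].nfields_expected)
            return 0;               /* template indexes past its own layout */
        for (size_t j = 0; j < nr; j++)
            if (rs[j]->nfields < ts[i].nfields_expected)
                return 0;           /* record shorter than the template assumes */
    }
    return 1;
}

static struct record *make_record(const uint32_t *vals, size_t n)
{
    struct record *r = malloc(sizeof *r + n * sizeof r->field[0]);
    if (r == NULL)
        abort();
    r->nfields = n;
    memcpy(r->field, vals, n * sizeof r->field[0]);
    return r;
}

/* Scenarios over constructed data: a template written for 4-field records
 * is evaluated against a 4-field record and against a 3-field record (the
 * kind of mismatch a bad content update can introduce). */
static const struct template t_four = { 4, 3, 0xCAFE };
static const uint32_t four_fields[]  = { 1, 2, 3, 0xCAFE };
static const uint32_t three_fields[] = { 1, 2, 3 };

static int scenario_in_bounds(void)        /* 1: field 3 of the 4-field record matches */
{
    struct record *r = make_record(four_fields, 4);
    int matched = 0;
    int rc = matches_checked(&t_four, r, &matched);
    free(r);
    return rc == MATCH_OK && matched;
}

static int scenario_short_record(void)     /* MATCH_BAD_INDEX: refused, nothing read */
{
    struct record *r = make_record(three_fields, 3);
    int matched = 0;
    int rc = matches_checked(&t_four, r, &matched);
    free(r);
    return rc;
}

static int scenario_validate(int use_short) /* 1 = update accepted, 0 = rejected */
{
    struct record *r = use_short ? make_record(three_fields, 3) : make_record(four_fields, 4);
    const struct record *rs[] = { r };
    int ok = validate_update(&t_four, 1, rs, 1);
    free(r);
    return ok;
}

int main(void)
{
    printf("in-bounds match: %d\n", scenario_in_bounds());
    printf("short record rc: %d\n", scenario_short_record());
    printf("update accepted (good): %d, (short): %d\n", scenario_validate(0), scenario_validate(1));
    /* matches_unchecked() is deliberately never called with the short record:
     * doing so is exactly the out-of-bounds read this example is about. */
    (void)matches_unchecked;
    return 0;
}
```

The design choice worth noting is where the check lives: `matches_checked` is the last line of defence inside the sensor, but `validate_update` is what keeps a malformed update from ever being handed to kernel code, which is the separation of update handling and content parsing from the kernel-mode sensor that the guidance above calls for.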
In the blog post, Microsoft also explained the built-in security features of the Windows OS. These security capabilities offer layers of protection against malware and exploitation attempts in Windows. Microsoft will work with the anti-malware ecosystem through the Microsoft Virus Initiative (MVI) to take advantage of Windows built-in security features to further increase security along with reliability.
Microsoft has planned the following for now:
- Providing safe rollout guidance, best practices, and technologies to make it safer to perform updates to security products.
- Reducing the need for kernel drivers to access important security data.
- Providing enhanced isolation and anti-tampering capabilities with technologies like the recently announced VBS enclaves.
- Enabling zero-trust approaches like high-integrity attestation, which provides a method to determine the security state of the machine based on the health of Windows native security features.
While over 97% of Windows PCs affected by this issue are back online as of July 25, Microsoft is now looking ahead to prevent such issues in the future.

ICAO updates Global Aviation Security Plan (GASeP) to strengthen aviation security

ICAO's newest edition of the Global Aviation Security Plan (GASeP) is designed to enhance the international aviation security environment by providing detailed guidance to governments, industry, and other stakeholders. The new plan focuses on six global aviation security priority areas:
- Risk awareness and response;
- The preservation of a strong and effective security culture;
- Human factors (including human performance and the professionalization of the aviation security workforce);
- Innovation and the allocation of technological resources;
- Oversight and quality assurance; and
- Cooperation and support among stakeholders.
ICAO Secretary General Juan Carlos Salazar addressed the importance of GASeP, “The new ICAO Global Aviation Security Plan is both an acknowledgment of the urgent and evolving aviation security challenges we face and a product of ICAO’s unwavering commitment to confronting them head-on. The Plan is a central element in our support for robust action by governments on aviation security and cybersecurity. It also provides crucial support to our advocacy for heightened resourcing and focus for these priorities.”
This second edition of the GASeP is a response to ICAO Assembly Resolutions A41-18 and A41-19 and is in line with the UN Security Council Resolution 2309 (2016). It aims to help States fulfill their commitments under these instruments and under Annex 17 – Aviation Security of the Convention on International Civil Aviation. States have set themselves an aspirational goal to “achieve and maintain a strong global aviation security system that is underpinned by full and effective implementation of ICAO aviation security Standards in all Member States.”
The GASeP structures States’ progress towards this goal, which will be monitored by ICAO. The results of the UN agency’s Universal Security Audit Programme (USAP), which assesses States’ implementation of ICAO Security Standards, will be used to measure progress towards the aspirational goal and its milestones. Additionally, the voluntary sharing of experience by States and all relevant stakeholders will help measure improvement in the global AVSEC priority areas.
As the global aviation community continues to face evolving security threats, the GASeP serves as a vital tool in ICAO’s ongoing efforts to strengthen aviation security worldwide. ICAO calls upon all States and stakeholders to actively engage with and implement the Plan to ensure a secure and resilient international aviation system.

CISA and Partners join ASD's ACSC to Release Advisory on PRC State-Sponsored Group APT40

CISA has collaborated with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) to release an advisory, People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action outlining a PRC state-sponsored cyber group’s activity. The following organizations also collaborated with ASD's ACSC on the guidance:
- The National Security Agency (NSA);
- The Federal Bureau of Investigation (FBI);
- The United Kingdom’s National Cyber Security Centre (NCSC-UK);
- The Canadian Centre for Cyber Security (CCCS);
- The New Zealand National Cyber Security Centre (NCSC-NZ);
- The German Federal Intelligence Service (BND) and Federal Office for the Protection of the Constitution (BfV);
- The Republic of Korea’s National Intelligence Service (NIS) and NIS’ National Cyber Security Center (NCSC); and
- Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) and National Police Agency (NPA).
The advisory is based on current ACSC-led incident response investigations and shared understanding of a PRC state-sponsored cyber group, APT40—also known as Kryptonite Panda, GINGHAM TYPHOON, Leviathan and Bronze Mohawk in industry reporting.
APT40 has previously targeted organizations in various countries, including Australia and the United States. Notably, APT40 is able to rapidly adapt proof-of-concept (POC) exploits for newly disclosed vulnerabilities and put them to use for targeting, reconnaissance, and exploitation. It picks up new exploits for widely used public software such as Log4j, Atlassian Confluence and Microsoft Exchange and uses them against infrastructure running the affected software.
CISA urges all organizations and software manufacturers to review the advisory to help identify, prevent, and remediate APT40 intrusions. Software vendors are also urged to incorporate Secure by Design principles into their practices to limit the impact of threat actor techniques and to strengthen the security posture of their products for their customers.

Hurricane Beryl Causes Havoc for State of Texas, 2.3m without power

Hurricane Beryl made landfall along the Texas coast as a Category 1 storm, unleashing a barrage of severe weather as it moved inland before weakening into a tropical storm that was still capable of widespread damage.
Beryl had sustained winds of over 80 mph as it made landfall and battered communities and infrastructure; more than 2.3 million people in Texas were left without power, according to poweroutage.us.
The storm prompted closures or vessel traffic restrictions at multiple ports in cities from Houston to Corpus Christi. The ports of Corpus Christi, Houston, Galveston, Freeport, and Texas City said they closed after condition "Zulu" was set by U.S. Coast Guard captains.
Transport was also disrupted, with road closures and high-water locations in Houston and Texas City causing problems.
Acting Governor Dan Patrick urged Texans to make final preparations and announced that 121 counties were added to the state’s Hurricane Beryl Disaster Declaration, as storm forecasts shifted the expected landfall north and east of previous projections.
The Texas Division of Emergency Management (TDEM) increased its readiness level of the State Emergency Operations Center and Texas Emergency Management Council agencies worked 24-hour operations, while continuing to preposition state emergency response resources that were readied for deployment by Governor Greg Abbott.

EPA Outlines Enforcement Measures to Help Prevent Cybersecurity Attacks and Protect the Nation’s Drinking Water

The U.S. Environmental Protection Agency issued an enforcement alert outlining the urgent cybersecurity threats and vulnerabilities to community drinking water systems and the steps these systems need to take to comply with the Safe Drinking Water Act. The alert is part of a government-wide effort – led by the National Security Council and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency – to reduce the nation’s infrastructure and cybersecurity vulnerabilities. EPA is issuing this alert because threats to, and attacks on, the nation’s water system have increased in frequency and severity to a point where additional action is critical.
“Protecting our nation’s drinking water is a cornerstone of EPA’s mission, and we are committed to using every tool, including our enforcement authorities, to ensure that our nation’s drinking water is protected from cyberattacks,” said EPA Deputy Administrator Janet McCabe. “EPA’s new enforcement alert is the latest step that the Biden-Harris Administration is taking to ensure communities understand the urgency and severity of cyberattacks and water systems are ready to address these serious threats to our nation’s public health.”
Recent EPA inspections have revealed that the majority of water systems inspected – over 70 percent – do not fully comply with requirements in the Safe Drinking Water Act and that some of those systems have critical cybersecurity vulnerabilities, such as default passwords that have not been updated and single logins that can easily be compromised. As EPA and its state and federal security and intelligence partners continue to identify vulnerabilities, informed by successful cyberattacks to water systems across the United States, the agency remains committed to working with state and sector organization partners to successfully protect drinking water for communities.
Today's alert emphasizes the importance of EPA’s ongoing inspection and enforcement activities under Safe Drinking Water Act section 1433. The agency will increase the number of planned inspections and, where appropriate, will take civil and criminal enforcement actions, including in response to a situation that may present an imminent and substantial endangerment. Inspections will ensure that water systems are meeting their requirements to regularly assess resilience vulnerabilities, including cybersecurity, and to develop emergency response plans. In addition, EPA, CISA, and the FBI strongly recommend system operators take steps outlined in Top Actions for Securing Water Systems:
- Reduce exposure to public-facing internet.
- Conduct regular cybersecurity assessments.
- Change default passwords immediately.
- Conduct an inventory of OT/IT assets.
- Develop and exercise cybersecurity incident response and recovery plans.
- Backup OT/IT systems.
- Reduce exposure to vulnerabilities.
- Conduct cybersecurity awareness training.
EPA Administrator Michael S. Regan and National Security Advisor Jake Sullivan also recently sent a letter to the nation’s governors on the urgency of the threats and the importance of collaboration across federal and state partners to develop comprehensive strategies to close gaps in cyber-resilience. Following the meeting, the National Security Council encouraged each state to prepare an action plan presenting the state’s strategy to mitigate the most significant cybersecurity vulnerabilities in the states’ water and wastewater systems by late June. EPA is also moving forward with the Water Sector Coordinating Council and Water Government Coordinating Council to establish a Task Force to identify additional near-term actions and strategies to reduce the risk of water and wastewater systems nationwide to cyberattacks.

Securing Critical Infrastructure With Validated and Trusted AI

AI is changing cybersecurity – providing new tools for security professionals, but also giving cyber threat actors a better arsenal of weapons for their attacks. Fortress is leveraging the latest in GenAI to better identify and understand the supply chain risks critical infrastructure organizations face.
Fortress's AI Monitoring, tailor-made for the unique threats critical infrastructure organizations face, enables security professionals to get quicker and more accurate data on the most critical risks and vulnerabilities across vendors and products. In short, it is a new evolution in cyber supply chain risk management (C-SCRM) and third-party cybersecurity risk management (TPCRM).
"AI is changing cybersecurity, but it is not the cure-all to national security threats from nation-state adversaries," said Fortress CEO and co-founder Alex Santos. "We were extremely deliberate in how we decided to deploy AI in our solutions. AI-enabled data retrieval without collaborative data sharing and human validation leaves large blind spots and generates false positives that divert resources from fighting the most pressing challenges. However, AI combined with a comprehensive approach to cyber defenses can quickly identify the 'needles in the haystack' that pose the most critical risks."
AI gives Fortress the ability to reduce risk assessment and monitoring costs by up to 90% and discover risks more than 80% faster. Using the latest in GenAI, Fortress automates the retrieval and analysis of vendor and product risk resulting in actionable, prioritized, and conclusive steps to empower security and risk management teams and keep your organization safe.
Besides generating comprehensive insights alerting organizations to emerging risks faster, Fortress integrates with legacy systems that can be omnipresent in critical infrastructure and streamlines government and energy regulatory compliance to simplify complex and time-consuming audits administered by regulatory enforcement.
"Certainly, there is an industry-wide push to get AI integrated into cybersecurity products as fast as possible," said Santos. "Others saw AI as a 'move fast and break things' moment. We knew AI had to be done right and done responsibly. We knew by working hand in hand with our customers that AI had to be done right and responsibly. Our AI Monitoring suite is built for today's rapidly changing and complex cyber supply chain and third-party attack surfaces. We've allowed our clients to stay one step ahead."

€20.3 million of EU funds for major flood protection project in Eisenach

EU funds will be used to build flood protection along the section of the river Hörsel which goes from Langensalzaer to Karolinenstraße. The project in this challenging section addresses existing infrastructure, traffic management, and urban integration. In addition, the region is also planning a new Karolinen Bridge.
Currently, flood protection measures near the "Auf dem Gries" industrial area, including the cycling path connection to Stedtfeld, are nearing completion.
Support of €16 million in previous programming period
Thanks to substantial financial support from the EU, the flood protection efforts in Eisenach have been progressing systematically since 2015. Initial measures began in the district of Stedtfeld, with completion achieved by 2017. Next, the flood dike near the Stedtfeld wastewater treatment plant was replaced.
Construction started in 2020 along the Hörsel river. Additionally, from August 2021 to August 2022, flood protection measures were implemented in the Hörschel district.
In 2023, an EU-funded project completed flood protection measures near the Opel factory in Eisenach.
These ambitious projects show the EU's commitment to boosting the region's flood resilience. They will protect residents and critical infrastructure.

UK-led Joint Expeditionary Force rehearses undersea critical infrastructure protection from the North Atlantic to the Baltic Sea

The Joint Expeditionary Force (JEF) this week began Nordic Warden, a month-long Response Option activity to strengthen the security of critical undersea infrastructure in the area from the North Atlantic to the Baltic Sea.

JEF partner nations, including Lithuania, will train during Nordic Warden on exchanging information and providing a synchronized and coordinated response to ensure the security of critical undersea infrastructure.

Operational activities will include reconnaissance flights and patrols in cooperation with JEF air forces and navies. Partner nations will also enhance information exchange and coordination to give ships in the JEF area of responsibility better situational awareness. Operation Nordic Warden is controlled from the JEF headquarters in Northwood, UK.

The Nordic Warden Response Option activity is similar to the first JEF activity, conducted with real capabilities in December 2023 in response to critical infrastructure damage in the Baltic and North Sea regions, namely the damage to the cable connecting Sweden and Estonia and to the pipeline between Finland and Estonia.

From Lithuania’s perspective, partnership in the JEF is one of the initial means of response to any crisis, including damage to undersea infrastructure. It enables resource sharing, intelligence exchange and joint solutions to mutual regional issues.

The JEF is led by the United Kingdom; it comprises maritime, air and land capabilities contributed by ten Northern European partners: the UK, Denmark, Estonia, Latvia, Lithuania, the Netherlands, Norway, Sweden, Finland and Iceland. Geographical proximity, shared sea borders and shared economic interests mean cooperation on undersea infrastructure security is not just effective but also vital.
