A Review of the Best News of the Week on Cybersecurity Management & Strategy

DARPA Is Building a $10 Million, Open Source, Secure Voting System (Motherboard, Mar 14 2019)
The system will be fully open source and designed with newly developed secure hardware to make the system not only impervious to certain kinds of hacking, but also allow voters to verify that their votes were recorded accurately.

Navy, Industry Partners Are ‘Under Cyber Siege’ by Chinese Hackers, Review Asserts (WSJ, Mar 12 2019)
The Navy and its contractors are “under cyber siege” by Chinese hackers who have stolen national security secrets in recent years, an internal review concluded.

Trump’s bold hack back strategy actually sounds pretty tame. (Washington Post, Mar 15 2019)
There’s still a lot of bureaucracy before the U.S. strikes back in cyberspace.

Without data, your security strategy is just a guess.
The Mosaic Security Research Market Intelligence Platform provides the data you need for OWASP’s Cyber Defense Matrix. Learn a new way to conduct a strategy assessment.

Russia internet freedom: Thousands protest against cyber-security bill (BBC, Mar 10 2019)
Thousands of people in Russia have protested against plans to introduce tighter restrictions on the internet. A mass rally in Moscow and similar demonstrations …

Citrix admits attackers breached its network – what we know (Naked Security – Sophos, Mar 12 2019)
While not confirmed, the FBI has advised that the hackers likely used a tactic known as password spraying, a technique that exploits weak passwords. Once they gained a foothold with limited access, they worked to circumvent additional layers of security.

Marriott CEO reveals more details about the massive data breach (Help Net Security, Mar 12 2019)
The first indication that something might be wrong was on September 8, 2018, when Accenture, which managed the Starwood Guest Reservation Database, notified Marriott’s IT team about an unusual query from an administrator’s account.

After parliament hack, Australia learns from U.S. missteps (Washington Post, Mar 11 2019)
More than two years after the U.S. government bungled its response to a foreign government hack of one of its main political parties, Australia is trying to do better.

How Walmart Uses a Purple Team to Improve Cyber-Resilience (eWEEK, Mar 08 2019)
O’Dell said that Walmart began on its Purple Team journey in 2016, and the effort didn’t start well at all for a number of reasons. The nature of Red and Blue teaming is adversarial, and that created conflict. If the Red Team wins, it means there is a breach, and if the Blue Team wins it means an attack was contained. O’Dell emphasized, however, that what Walmart learned is that while winning is interesting, that’s not what matters in a Purple Team exercise.

#RSAC: How to Get and Maintain Your Risk Appetite (Infosecurity Magazine, Mar 07 2019)
“What is the loss or event scenario you care about: maybe it’s disclosure, outage, non-compliance or financial mis-statement – it could be all of them, and by defining distinctly you could define it and manage risk appetites.”

On Surveillance in the Workplace (Schneier on Security, Mar 12 2019)
“In a blog post about this report, Cory Doctorow mentioned “the adoption curve for oppressive technology, which goes, ‘refugee, immigrant, prisoner, mental patient, children, welfare recipient, blue collar worker, white collar worker.'” I don’t agree with the ordering, but the sentiment is correct. These technologies are generally used first against people with diminished rights: prisoners, children, the mentally ill, and soldiers.”

Ad Network Sizmek Probes Account Breach (Krebs on Security, Mar 13 2019)
“Online advertising firm Sizmek Inc. [NASDAQ: SZMK] says it is investigating a security incident in which a hacker was reselling access to a user account with the ability to modify ads and analytics for a number of big-name advertisers.”

Jackson County, Geogia pays $400,000 ransom to release files (SC Magazine, Mar 11 2019)
Jackson County, Ga., is the latest ransomware victim to fork over a payment to its attackers in order to regain access to its encrypted files. The county government paid out $400,000 over the weekend to the attackers that struck on March 6 effectively taking down the municipal government computer network, including 911.

Why It’s So Hard to Restart Venezuela’s Power Grid (Wired, Mar 12 2019)
Approaching a full week, Venezuela’s national power outage shows just how hard it is to restart a grid from scratch.

Two Doors to SOAR Visual (Gartner Blog Network, Mar 08 2019)
Essentially, you have TWO DOORS TO SOAR.
“Automation / orchestration first” – this path leads most to ruin, but it did lead some enlightened elite organization to raging success with SOAR
“Workflow / case management first” – thus path is unglamorous, but it is the one where we see more success for most mainstream organizations that are seeking to adopt SOAR.

Venezuelan ‘Cyber-Attack’ Possible But Unlikely, Experts Say (SecurityWeek, Mar 13 2019)
Venezuelan President Nicolas Maduro’s government has accused the United States of “cyber sabotage” to knock out the country’s central hydroelectric complex and leave the nation largely without electricity since Thursday afternoon.

A Saudi Cybersecurity Company Tried to Buy Zero Day Exploits from Me (Motherboard, Mar 12 2019)
We recently got a rare look at how a company tried to source these exploits through private one-on-one deals—because the company came to us.

Under GDPR, can a CISO be the DPO? (SC Magazine, Mar 12 2019)
The GDPR also defines the obligation of companies/entities to nominate a Data Protection Officer (DPO) if they plan to conduct personal data treatment activities (collection, storing, processing or sharing) over sensitive personal data (data that if exposed to non-authorized third parties represents a severe risk towards the data subject) or extensive volumes of personal data of many data subjects.

These Cookie Warning Shenanigans Have Got to Stop (Troy Hunt, Mar 13 2019)
“This will be short, ranty and to the point: these warnings are getting ridiculous…”

Huawei trolls the U.S. by opening a cybersecurity center in Europe (VICE, Mar 09 2019)
Huawei trolls the U.S. by opening a cybersecurity center in Europe  VICETrust in cybersecurity is one of the major challenges that we face as a global community.“

Trump’s 2020 Budget Asks for $11bn for Cyber-Defense (Infosecurity Magazine, Mar 11 2019)
Securing critical infrastructure, and growing workforce top priorities in nation’s cyber strategy.