A Review of the Best News of the Week on Cybersecurity Management & Strategy

Work-from-Home Security Advice (Schneier on Security, Mar 19 2020)
“SANS has made freely available its “Work-from-Home Awareness Kit.” When I think about how COVID-19’s security measures are affecting organizational networks, I see several interrelated problems:…”

Barr: FBI Probing If Foreign Gov’t Behind HHS Cyber Incident (SecurityWeek, Mar 18 2020)
Attorney General William Barr vowed in an interview with The Associated Press on Tuesday that there would be swift and severe action if a foreign government is behind disinformation campaigns aimed at spreading fear in the U.S. amid the coronavirus pandemic or a denial of service attack on the networks of the Department of Health and Human Services.

Emergency Surveillance During COVID-19 Crisis (Schneier on Security, Mar 20 2020)
“Israel is using emergency surveillance powers to track people who may have COVID-19, joining China and Iran in using mass surveillance in this way. I believe pressure will increase to leverage existing corporate surveillance infrastructure for these purposes in the US and other countries. With that in mind, the EFF has some good thinking on how to balance public safety with civil liberties”


Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~13,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Share today’s post on Twitter Facebook LinkedIn


Kill Chain’: HBO’s Election Security Doc Stresses Urgency (Wired, Mar 16 2020)
A new documentary makes crystal clear how little time remains to protect the 2020 election. 

TSA Admits Liquid Ban Is Security Theater (Schneier on Security, Mar 16 2020)
The TSA is allowing people to bring larger bottles of hand sanitizer with them on airplanes…

PE Firm to Buy Application Security Specialist Checkmarx at $1.15 Billion Valuation (SecurityWeek, Mar 16 2020)
Checkmarx was founded in 2006 and led since by CEO Emmanuel Benzaquen, and Maty Siman, Founder and CTO. SecurityWeek interviewed Siman back 2012, when the company had just 35 employees. The company now has more than 700 employees and more than 1,400 customers across 70 countries.

Over 60% of the Fortune 1000 had at least one public breach over the last decade (Help Net Security, Mar 18 2020)
Over 60% of the Fortune 1000 had at least one public breach over the last decade, according to a Cyentia Institute research. On an annual basis, it is estimated one in four Fortune 1000 firms will suffer a cyber loss event. That ratio approaches 50% for the Fortune 250.

Norsk Hydro Outage May Have Been Destructive State Attack (Infosecurity Magazine, Mar 19 2020)
Dragos claims ransomware outage offers blueprint for deniable disruptive attacks

Five billion records exposed in open ‘data breach database’ (SC Media, Mar 19 2020)
More than five billion records were exposed after a Keepnet Labs Elasticsearch “data breach database” housing a trove of security incidents from the last seven years was left unprotected. “Data was very well structured,” wrote security researcher Bob Diachenko, who discovered the Elasticsearch instance, of the information, which included hashtypes, leak dates, passwords, email addresses,…

NIST Updates Flagship SP 800-53 Security and Privacy Controls (SecurityWeek, Mar 19 2020)
NIST SP 800-53 Revision 5 Represents a Multi-Year Effort to Develop Next-Generation Security and Privacy Controls

Best Practices for Data Management Using DataOps (eWEEK, Mar 13 2020)
…nine best practices to overcome the cost, complexity and risk of managing data to meet the demands of modern business in the new, data-driven world.

Phishing is a huge concern among security decision-makers and influencers (Help Net Security, Mar 16 2020)
A serious disconnect exists between how decision makers (i.e., CISOs, CIOs and CEOs), and security practitioners (i.e., IT managers and directors, security architects and security operations analysts) perceive phishing prevention, according to a research by Ironscales.

Half of UK Firms Suffer Basic Cyber-Skills Gaps (Infosecurity Magazine, Mar 16 2020)
Government report warns many can’t complete simple tasks

How to avoid a costly enterprise ransomware infection (Help Net Security, Mar 17 2020)
In most cases of human-operated ransomware attacks against enterprises, the hackers don’t trigger the malware immediately: according to FireEye researchers, in most (75%) of cases, at least three days passed between the first evidence of malicious activity and ransomware deployment.

Over a Quarter of Security Alerts Are False Positives (Infosecurity Magazine, Mar 17 2020)
New research highlights risks of alert fatigue in organizations

Followup Audit on Corrective Actions Taken by DoD Components in Respon (Department of Defense Office of Inspector General, Mar 18 2020)
DoD Components did not consistently mitigate or include unmitigated vulnerabilities identified in the prior audit and during this audit by DoD Cyber Red Teams during combatant command exercises, operational testing assessments, and agency-specific assessments in plans of action and milestones.

Zero Trust Architecture | NCCoE (NCCoE, Mar 18 2020)
“We are currently seeking feedback on a draft project description, Implementing a Zero Trust Architecture. The public comment period is now open and will close on April 14, 2020. Please submit your feedback.”

Too many alarms and too few security analysts? Think SOAR (Help Net Security, Mar 19 2020)
Security automation, orchestration and response (SOAR) speeds up the incident response process by replacing manual tasks with automated workflows.

Organizations still struggle to manage foundational security (Help Net Security, Mar 19 2020)
Regulatory measures such as GDPR put focus on data privacy at design, tightening requirements and guiding IT security controls like Public Key Infrastructure (PKI).

Coronavirus Sets the Stage for Hacking Mayhem (Wired, Mar 19 2020)
As more people work from home and anxiety mounts, expect cyberattacks of all sorts to take advantage.