“This is the first in-person cybersecurity event I have been to since March 2020.” This jarring statement rang true for many attendees last night at the ‘New York Information Security Meetup’, hosted by David Raviv.

The Data Connectors Team supports local cybersecurity-related gatherings all over North America, as a way to bring the community to more professionals.  This week, New York City Area CSO Michael Hiskey and Marketing team member Emily Ramsey attended the New York Information Security Meet-up, along with numerous cybersecurity field experts. The lineup included Keith Sazer from Community Partner CriticalStart, Jeff Hudesman, Chief Security Officer & VP of Information Security at DailyPay, and Doug Britton, Founder of Haystack Solutions.

Critical Start’s team talked about the importance of cybersecurity in the lives of regular citizens, and Keith related a personal experience from his days on Wall Street in the financial sector and transition to the MDR provider.

Veteran US Army linguist Doug Britton talked about the Cyber Aptitude and Talent Assessment (CATA), which the firm he founded is now making commercially available.  Organizations use the assessment to uncover the natural proclivity individuals have, and how they potentially align to cybersecurity roles. 

Look for Doug at the Philadelphia Virtual Cybersecurity Summit next month, talking with expert panelists on the “Cybersecurity Skills Shortage.”   

The agenda covered a wide range of hot topics in cybersecurity, including a personal narrative from Doug Britton who experienced first-hand the effects of the Colonial Pipeline ransomware hack. Britton admitted that the panic of searching miles to find no gas was just as terrifying as the COVID-19 pandemic — further proving how critical cybersecurity is for national security.

When this attack first happened, Data Connectors sat down with John Felker, former Assistant Director for the Department of Homeland Security Cyber Infrastructure Security Agency (CISA) for a LinkedIn Live Briefing. He discussed what was compromised, and how; where attackers likely entered; what is known about the DarkSide Russian Cybercrime ring involved.

One of the most engaged CSOs one could find in a FinTech start-up would have to be Jeff Hudesman. DailyPay, which enables employees of large firms like McDonalds, DollarTree, and T-Mobile to get advances on their paychecks.  Jeff spoke about the robust defenses his team put in place to combat these threats and keep DailyPay’s customers secure. With access to all of that Personally Identifiable Information (PII) and financial institution detail, you can be they see their fair share of credential-stuffing, identity theft, and other attacks, just as the large banks do.  Jeff talked a bit about the role of a CSO in a start-up, and many of the unique challenges therein.

Along with the discussions of cybersecurity’s effects in our day-to-day lives, the major takeaway from this meet-up was that people are ready to network and connect in person again. However, the ongoing concerns of the pandemic still limit large gatherings from taking place in many places.

In a recent poll, Jerod Brennen asked his LinkedIn followers how soon they plan on returning to conference life. Over 50% responded with “Bring it! I’m ready now.” While some Community.

Members choose to travel to BlackHat this year, many stayed home – we’ll know more as that event wraps-up in Las Vegas.  As was posited in this infographic, community survey data points to members preferring a mix of in-person regional conferences in nearby cities and virtual gatherings for the immediate future.

As restrictions fluctuate, and the desire to return to in-person continues to rise, the industry that thrives on networking must continuously adapt. Data Connectors was the first to transition to Virtual Summits, and are now hosting a handful of live conferences this fall and winter.

David Raviv, cyber security industry veteran and a startup enthusiast founded the New York Information Security Meetup in January 2013 and has held over 120 gatherings. The community consists of 5,500 security professionals from the New York Tri-State area.  David said, “People crave the human connection. Despite hosting on-line events a couple of times a week, being in front of a screen is no substitute to rubbing shoulders with fellow practitioners,” when we spoke this week.  When not hosting events, David is the general manager for findings.co, a company set to disrupt how enterprise handles supply chain cyber risk.

The first in-person gathering will take place as a follow-up to the New England Virtual Cybersecurity Summit on Wednesday, August 18th.  That will be an in-person happy hour gathering for those who attended the Virtual Summit.  Join Hartford-area Community Members on Thursday, August 19th, for the New England Cybersecurity Community Rooftop Party & Networking Reception.  

We hope to see you there!

The Return of Local In-Person Gatherings

Hot Topics in Cybersecurity Posted by Michael Hiskey on Aug 4, 2021

Congress is answering the age-old question of “How are we going to pay for all of that?” with a new answer: cryptocurrency.

The recent $1 trillion infrastructure bill, or formally, “The Infrastructure Investment and Jobs Act,” as agreed upon by both the executive and legislative branches, will raise nearly $28 billion over ten years by cracking down on cryptocurrency transactions, according to the Joint Committee on Taxation.

The plan would come from extending Congress’s ability to track larger cryptocurrency transactions by increasing reporting requirements, Fox Business reported.

This addition to the bill comes after the Internal Revenue Service Commissioner Charles Rettig told Congress that it should have the authority to collect information on cryptocurrency transactions greater than $10,000, as reported by Reuters. In his statement to the Senate Finance Committee on June 8, Rettig said that the world crypto market capitalization is greater than $2 trillion, and most are “designed to stay off the radar screen.”

This cash grab, according to Coin Center Executive Director Jerry Brito, definitely represents a legal gray area for Congress. In a Tweet, Brito said: “Such a requirement is essentially forcing miners, lightning nodes, etc., to identify others on the network. Not only is this nonsensical from a technical perspective, such a mandate would very likely be unconstitutional surveillance.”

Bloomberg’s coverage of the bill cites the crypto industry as one of the bill’s losers, along with drugmakers and owners and manufacturers of electric vehicles (and, of course, Deficit Hawks).

While the bill hasn’t officially been signed into law just yet – Senators will be continuing to add amendments prior to putting it for a vote and getting it to the president’s desk.

Cryptocurrency Industry Posed to Take a Hit …

Industry News Posted by Jen Greco on Aug 3, 2021

The White House this week issued a statement titled “National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems.”

This move is part of a series of cyber-related actions from the executive branch, but this one carries a particular focus on responding to recent attacks such as the Colonial Pipeline and JBS Foods. In effort to further protect Americans from attacks on our critical infrastructure, the memo seeks to:

• Have CISA collaborate with NIST to develop cybersecurity goals for critical infrastructure
• Establish the Industrial Control System Cybersecurity Initiative – a collaborative effort between the federal government and those providing critical infrastructure to facilitate the deployment of cybersecurity means and methods.

According to the Q&A released from the White House along with the official memo, these steps will ensure that attacks on pipelines and similar infrastructure components will be limited.

“We look to responsible critical infrastructure owners and operators to follow voluntary guidance as well as mandatory requirements in order to ensure that the critical services the American people rely on are protected from cyber threats,” the release said.

The ICS Security Initiative was piloted by the electricity subsector, but it will now be implemented among natural gas pipelines. After that, the memo said, water and wastewater sector systems and the chemical sector will follow later in the year. The memo states:

“The Initiative builds on, expands, and accelerates ongoing cybersecurity efforts in critical infrastructure sectors and is an important step in addressing these threats.  We cannot address threats we cannot see; therefore, deploying systems and technologies that can monitor control systems to detect malicious activity and facilitate response actions to cyber threats is central to ensuring the safe operations of these critical systems.”

White House: US Critical Infrastructure Nee …

Industry News Posted by Jen Greco on Jul 30, 2021

Stay tuned for this update each week. This is a joint cybersecurity weekly product from the Missouri Information Analysis Center, St. Louis Fusion Center, Kansas City Regional Fusion Center and the Missouri Office of Homeland Security.

Businesses Fall Victim to Ransomware Despite Precautions

According to a new survey of 200 decision makers in businesses that had suffered a ransomware attack since 2019, more than half of victims had received anti-phishing training and 49 percent had perimeter defenses in place at the time of attack. The study conducted by Sapio Research for Cloudian finds that phishing continues to be one of the easiest paths for ransomware, with 24 percent of attacks starting this way. Phishing succeeds despite the fact that 54 percent of all respondents and 65 percent of those that reported it as the entry point have conducted anti-phishing training for employees. The public cloud is the most common point of entry for ransomware, with 31 percent of respondents being attacked this way. One an attack is under way things happen quickly, 56 percent of survey respondents report that attackers were able to take control of their data and demand a ransom within just 12 hours, and another 30 percent say it happened within 24 hours.

Success of Ransomware Attacks Shows the State of Cybersecurity

According to a new study of over 1,000 enterprise IT professionals around the world, 40 percent of organizations confirm they have fallen victim to a phishing attack in the last month, with 74 percent experiencing one in the last year. The research from automation platform Ivanti also shows that 80 percent of respondents say they have witnessed an increase in volume of phishing attempts, with 85 percent saying those attempts are getting more sophisticated. In addition, 73 percent of respondents say that their IT staff have been targeted by phishing attempts, and 47 percent of those attempts were successful. Asked about the causes of successful attacks, 37 percent of respondents cite a lack of both technology and employee understanding. However, 34 percent blame successful attacks on a lack of employee understanding. While 96 percent of IT professionals report that their organization offers cybersecurity training to teach employees about common attacks like phishing and ransomware, only 30 percent of respondents say that 80-90 percent of employees have completed the training.

SonicWall: ‘Imminent’ Ransomware Attack Targets Older Products

The attack exploits a known vulnerability that was fixed in new versions of firmware released this year. SonicWall is alerting users to an “imminent” ransomware attack targeting Secure Mobile Access (SMA) 100 series and the older Secure Remote Access (SRA) series running unpatched and end-of-life (EOL) 8.x firmware. The campaign is using stolen credentials, the company reports, and the exploitation targets a known vulnerability that has been patched in newer versions of the firmware. Businesses using a range of EOL SMA and/or SRA devices running firmware 8.x should update their firmware or disconnect their devices, as per guidance SonicWall outlines in an advisory. As an additional mitigation, SonicWall advises organizations using SMA or SRA devices to reset all credentials associated with them, as well as for any other devices and systems that use the same credentials.

Who is Responsible for Guarding Against Software Supply Chain Attacks? Who Knows!

Software supply chain attacks like that on SolarWinds have become more of a threat in recent months. But when it comes to defending against them businesses can’t decide who is responsible according to a new report. The study from machine identity management company Venafi is based on the opinions of over 1,000 information security professionals, developers and executives in the IT and software development industries. It finds that 97 percent agree that the techniques and procedures used to attack SolarWinds software development environment will be reused in new attacks this year. But despite this certainty, there is no agreement between security and development teams on where responsibility for improving security in the software build and distribution environments should lie.

57% of Reported Incidents are Caused by Insiders

Insider data breaches were the top cause of data and cybersecurity incidents reported in the first quarter of 2021, according to the ICO. 57% of reported incidents were caused by insiders, with over 1,000 incidents reported in the first three months of 2021. Misdirected email was behind most of the incidents, with over 400 reports. Phishing was the second-biggest named cause, with over 200 incidents caused by employees falling for malicious emails. For the fourth quarter running, healthcare was the hardest hit, with over 420 reported incidents in just three months, while financial services was the industry targeted with the most phishing attacks.

Half of Organizations are Ineffective at Countering Phishing and Ransomware Threats

Half of US organizations are not effective at countering phishing and ransomware threats, Osterman Research research reveals. The findings come from a study compiled from interviews with 130 cybersecurity professionals in mid-sized and large organizations. “Phishing and ransomware were already critical enterprise security risks even before the pandemic hit and, as this report shows, the advent of mass remote working has increased the pressure of these threats,” said Jon Clay, VP of threat intelligence for Trend Micro. “Organizations need multi-layered defenses in place to mitigate these risks.” The study asked respondents to rate their effectiveness in 17 key best practice areas related to ransomware and phishing, ranging from protecting endpoints from malware infection to ensuring prompt patching of all systems.

Five Critical Password Security Rules Your Employees Are Ignoring

Password security was a problem even before the advent of widespread remote work. So, what happened post-pandemic? Keeper Security’s Workplace Password Malpractice Report sought to find out. In February 2021, Keeper surveyed 1,000 employees in the U.S. about their work-related password habits — and discovered that a lot of remote workers are letting password security go by the wayside. Here are 5 critical password security rules they’re ignoring.

Researchers Warn of Linux Cryptojacking Attackers Operating from Romania

A threat group likely based in Romania and active since at least 2020 has been behind an active cryptojacking campaign targeting Linux-based machines with a previously undocumented SSH brute-forcer written in Golang. Dubbed “Diicot brute,” the password cracking tool is alleged to be distributed via a software-as-a-service model, with each threat actor furnishing their own unique API keys to facilitate the intrusions, Bitdefender researchers said in a report published last week. While the goal of the campaign is to deploy Monero mining malware by remotely compromising the devices via brute-force attacks, the researchers connected the gang to at least two DDoS botnets, including a Demonbot variant called chernobyl and a Perl IRC bot, with the XMRig mining payload hosted on a domain named mexalz[.]us since February 2021.

When ‘Later’ Never Comes: Putting Small Business Cybersecurity First

Small- and medium-sized businesses can be victims of digital attacks as much as global ones can. In fact, 88% of small business owners think they’re open to a cyberattack. In response, startups must allocate time and resources to getting the right small business cybersecurity measures, right? If only business realities were that simple. Let’s talk about startup culture for a second. What do you envision when you hear ‘startup’? Mark Zuckerberg, Silicon Valley, cold brew on tap, standing desks and a race to the finish line? You probably don’t think about late nights obsessing about small business cybersecurity. And therein lies the problem.

FragAttacks: Everything You Need to Know

A cybersecurity researcher discovered a new category of Wi-Fi vulnerabilities recently. But the surprising news is that this new category is actually very old. Called FragAttacks, these 12 Wi-Fi vulnerabilities have existed since the late 90s. But they’re new to the cybersecurity world because people only recently discovered and described them. Researchers unveiled the details on May 12, some nine months after discovery. The researchers will present their work at the USENIX Security conference at Black Hat USA in late July and early August.

Is Cryptocurrency-Mining Malware Due for a Comeback?

The world is now focused on ransomware, perhaps more so than any previous cybersecurity threat in history. But if the viability of ransomware as a criminal business model should decline, expect attackers to quickly embrace something else – but what? We’ve been here before. In late 2017, driven by a surge in bitcoin’s value, many criminals shifted from using ransomware, which at the time was typically spread via drive-by downloads and spam attacks, to using the same tactics to instead spread cryptocurrency-mining malware. Attackers don’t seem to prioritize any given approach over another. Or at least if there was a cult devoted to the first type of ransomware ever seen in the wild – the AIDS Trojan, which in 1989 began spreading via floppy disk – any lingering adherents would be in dire need of a day job.

Toddler Mobile Banking Malware Surges Across Europe

Researchers have provided a deep dive into Toddler, a new Android banking Trojan that is surging across Europe. In a report shared with ZDNet, the PRODAFT Threat Intelligence (PTI) team said that the malware, also known as TeaBot/Anatsa, is part of a rising trend of mobile banking malware attacking countries, including Spain, Germany, Switzerland, and the Netherlands. Toddler was first disclosed by Cleafy following its discovery in January. While still under active development, the mobile Trojan has been used in attacks against the customers of 60 European banks. In a report shared with ZDNet, the PRODAFT Threat Intelligence (PTI) team said that the malware, also known as TeaBot/Anatsa, is part of a rising trend of mobile banking malware attacking countries, including Spain, Germany, Switzerland, and the Netherlands. Toddler was first disclosed by Cleafy following its discovery in January. While still under active development, the mobile Trojan has been used in attacks against the customers of 60 European banks.

Cybercriminals Customizing Malware for Attacks on Virtual Infrastructure

Cyber incidents continue to rise, ransomware accounts for nearly two-thirds of all malware attacks, and more cybercriminals are customizing malware for attacks on virtual infrastructure, Positive Technologies finds. According to the research, the number of attacks increased by 17% compared to Q1 2020, with 77% being targeted attacks, and incidents with individuals accounting for 12% of the total. Cybercriminals attacked government institutions, industrial companies, scientific organizations, and educational institutions the most. Their main targets are personal data and credentials, and attacks on organizations are also aimed at stealing commercial secrets.

IoT Malware Attacks Rose 700% During the Pandemic

Zscaler released a study examining the state of IoT devices left on corporate networks during a time when businesses were forced to move to a remote working environment. The report analyzed over 575 million device transactions and 300,000 IoT-specific malware attacks blocked over the course of two weeks in December 2020 – a 700% increase when compared to pre-pandemic findings. These attacks targeted 553 different device types, including printers, digital signage and smart TVs, all connected to and communicating with corporate IT networks while many employees were working remotely during the COVID-19 pandemic. The research team identified the most vulnerable IoT devices, most common attack origins and destinations, and the malware families responsible for the majority of malicious traffic to better help enterprises protect their valuable data.

CISA Alerts and Announcements for this week:

Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department: Review here

Your Weekly DHS/CISA Threat Assessment (Jul …

Hot Topics in Cybersecurity Posted by Data Connectors Newsroom on Jul 28, 2021

Ready for a dose of cyber anxiety? By 2025, Gartner predicts that cyber attackers will weaponize operational technology environments to harm or kill humans.

In coming after OT – that is, hardware and software that monitors and controls equipment – attackers gain the ability to impede upon cyber-physical systems (CPS), according to Gartner. This is the evolution from attacks like that on the Colonial Pipeline – disruption is one thing, but with enough access, bad actors can impact the health and welfare of private individuals.

“In operational environments, security and risk management leaders should be more concerned about real world hazards to humans and the environment, rather than information theft,” said Wam Voster, senior research director at Gartner. “Inquiries with Gartner clients reveal that organizations in asset-intensive industries like manufacturing, resources and utilities struggle to define appropriate control frameworks.”

Of course, in a world where money talks, Gartner cites the financial impact on CPS as greater than $50 billion by 2023. Gartner also anticipates CEOs becoming personally liable for incidents where individuals are harmed.

And while hospitals are often considered key targets for these types of attacks, its also worthwhile to consider other possibilities – for example, the thwarted attack on a Florida water treatment plant earlier this year. In this attack, a hacker attempted to increase the amount of sodium hydroxide (lye) in the supply of drinking water. While the attack was quickly caught before any harm occurred, this is one example of ways cyber criminals can hack into operational technology.

The Data Connectors Cybersecurity Community is a discussion on life-threatening cyber threats (LTTs) at the New England Virtual Cybersecurity Summit on August 18. The Summit will be hosting guest keynote speaker Menny Barzilay, who will be giving a presentation titled: “Cyber Kills.”

One of the biggest challenges, which Barzilay will discuss in his keynote, is that current industry standards don’t protect against these types of threats – in fact, they’re barely even discussed. However, they need to be incorporated into every organization’s risk management strategy. After all, these attacks (currently) rarely happen – even though they’re very possible.

Gartner: Cybercriminals Will Kill by 2025

Hot Topics in Cybersecurity Posted by Jen Greco on Jul 23, 2021

Slated to take effect on July 1, 2023, the Colorado Privacy Act was signed earlier this month, and will join California and Virginia as an early-mover in embracing residents’ privacy rights.

Gov. Jared Polis signed the bill on July 7, which gives Coloradans the right to access, correct and delete personal data held by organizations. Residents will also be able to opt-out of the sale of their information and personal data for targeted ads.

The law borrows, at least, in part, from the European Union’s General Data Protection Regulation (GDPR), as well as from similar statewide laws passed in California and Virginia.

Unlike the California Consumer Privacy Act (CCPA) and the Virginia Consumer Data Protection Act (VCDPA), the Colorado law applies to nonprofit organizations that meet specific thresholds. The CPA also does not apply to business-to-business or employee data, according to law firm Gibson Dunn.

The National Law Review notes that the CPA does not contain a revenue threshold for businesses, but does require any organization processing the data for 100,000 or more consumers each calendar year or deriving revenue discounts from the sale of personal data for at least 25,000 consumers. The CPA gives businesses 45 days to respond and fulfill consumer requests.

National Law Review states: “It is important to note here that the CPA uses a heightened “consent” standard that is similar to the standard used by the CPRA. “Consent” under the CPA means “a clear, affirmative act signifying a consumer’s freely given, specific, informed, and unambiguous agreement, such as by a written statement, including by electronic means, or other clear, affirmative action by which the consumer signifies agreement to the processing of personal data.””

The star of the bill, according to House Rep. Terri Carver in an interview with Colorado Politics, is that it allows for a universal opt-out, which goes into effect on July 1, 2024. This means that in a single click, consumers can ask to be removed from all data-sharing on any and all websites or companies covered by the bill – all in just one click.

The state has been working toward these laws for many years – Colorado Politics writes that calls for tighter consumer protections have been made since at least 2005.

Colorado Joins Cadre of States Enacting Pri …

Hot Topics in Cybersecurity Posted by Jen Greco on Jul 19, 2021

The US Senate unanimously confirmed Jen Easterly as the new permanent head of the Cybersecurity & Infrastructure Security Agency (CISA).

Easterly served in the Army for 20 years, worked in the Obama White House for the National Security Administration, and most recently, the head of global cybersecurity at Morgan Stanley. She was appointed with the full support of the Senate on July 11.

She will be the second official head of CISA since the organization was created in 2018, following the firing of former Director Chris Krebs in November 2020. Easterly will be taking the reins from Acting Director Brandon Wales.

CISA, which falls under the auspices of the Department of Homeland Security, has been instrumental in combatting the recent cyber attacks and threats, ranging from SolarWinds to the Colonial Pipeline ransomware. DHS Secretary Alejandro N. Mayorkas issued a statement highlighting his approval of Easterly’s appointment.

“I congratulate Jen Easterly on her confirmation as Director of CISA. Jen is a brilliant cybersecurity expert and a proven leader with a career spanning military service, civil service, and the private sector. I am proud to welcome her to the DHS team and look forward to working together to protect our country from urgent cybersecurity and physical threats,” Mayorkas said in the statement.

Asserting his support on the Senate floor, Sen. Gary Peters (D-Mich.) highlighted the recent Kaseya ransomware attack as a motivating factor for pushing her appointment as quickly as possible, The Hill reported.

“These attackers will stop at nothing to infiltrate our networks, and we urgently need qualified, Senate-confirmed cybersecurity leaders in place to fight back,” Peters was quoted in The Hill. “With more than three decades of cybersecurity expertise in the public and private sectors, Ms. Easterly is more than qualified to lead CISA.”

Senate Confirms New CISA Head Following Lat …

Industry News Posted by Jen Greco on Jul 13, 2021

It’s been quite a week when it comes to ransomware. The Kaseya attack has permeated the cybersecurity headlines across the pages of the Data Connectors Community Partners. The REvil ransomware group has gained a reputation for big cash sums and sweeping attacks – but where do they come from, and what are they looking to accomplish? Several of our partners have great perspectives published on their blogs. Here are a few of the highlights from the last week. Follow our Community Partners for a better understanding of this topic, and other major cybersecurity issues.

PURE STORAGE

With ransomware being the cybersecurity buzzword of the year, it’s important to understand the profile of the most common victims. Pure Storage offers a deep dive on the topic in their latest blog, “Who Are Ransomware Attackers and What Are They After?” Find out if you’re a potential target for an attack, and how to protect yourself from the imminent threats we all face.

CROWDSTRIKE

In the market for a solid history lesson on now-notorious hacking group REvil? Look no further than CrowdStrike’s blog, “The Evolution of PINCHY SPIDER from GrandCrab to REvil,” where they break down the motives of these RaaS groups and their history of exploiting via phishing, netting them hundreds of thousands of dollars per attack.

ATTIVO NETWORKS

After Kaseya was targeted by the REvil ransomware group, with a demand for $70 million in Bitcoin to unlock the system, many were reminded of the SolarWinds attack at the end of 2020. Attivo Networks has shared a breakdown of the attack in their blog, “Kaseya VSA Supply Chain Ransomware Attack.”

CISCO

Kaseya is the talk of the cybersecurity community, and Cisco’s blog post on the topic is no exception. Check out an interview session with Talos’ US Outreach Team lead and its accompanying blog post, discussing the impact on the affected organizations following the REvil attack.

Vendor Partner Round-Up: REvil Reviled, Kas …

Hot Topics in Cybersecurity Posted by Jen Greco on Jul 12, 2021

Virtual Summit Headlined by USSS, Highlighting Protective Actions Taken In Developing Cyber Hygiene for Organizations

OMAHA, NEBRASKA– JULY 8, 2021 Data Connectors, representing the largest cybersecurity community in North America, continues its industry-leading live Virtual Summits in the Great Plains region on Thursday, July 15.

The 2021 Great Plains Virtual Cybersecurity Summit provides senior executives in the area education regarding new solutions, as well as the latest updates and challenges in the industry. This summit will feature some of the region’s most preeminent security experts, including Special Agent in Charge Joe Scargill of the Minneapolis Field Office of the US Secret Service.

Scargill will be covering the idea of “protective advance” — the proactive and preventative work done by Secret Service teams in order to preserve the security of the people they protect.  This includes planning, practice, and exercises that represent good cyber hygiene to prevent attacks.

“The Secret Service’s expertise in cyber capabilities enhances the agency’s ability to carry out both an evolving investigative mission, and its more familiar mandate to protect our nation’s highest elected leaders,” said Agent Scargill. “The key to developing seasoned and exceptional protective agents includes the fundamental skills that are developed and refined through their work as Secret Service investigators. The training and experience that Secret Service special agents develop by conducting complex financial investigations sharpens the skill set they need to rapidly design and implement complex protective and security plans.”

The Summit will also feature live virtual exhibits and informative presentations from cybersecurity solution providers, as well as live, topical expert panels fielded by leading subject-matter experts. At the Summit, industry experts will dive into topics around ransomware, zero trust, user security, and the key trends on which Chief Information Security Officers (CISOs) should most concern themselves in the months ahead.

The Virtual Summit will also feature a live, interactive panel discussion, with some of the top CISOs from organizations throughout the region:

• Norm Kromberg, Vice President Information Security / CISO, SouthernCarlson
• Jonathan Kimmitt, CISO, The University of Tulsa
• William Pulte, CIO, Educational Service Unit 3
• Steven Ramirez, CISO, UofL Health
• Michelle Vercellino, CIO and EVP of Operations & Insights, IMA Financial Group

Attendees will ask questions and interact online with the CISOs, as well as each other and the organizations who will feature their solutions at the event. Featured solutions providers at this summit include CrowdStrike, Pure Storage, Cisco, Okta and many more.

The Summit will take place on Thursday, July 15 starting at 8:00 a.m. CT.  Registration is free for qualified professionals, who can also obtain Continuing Professional Education (CPE) credits for participation.

More information for the Summit can be found at dataconnectors.com/greatplains.

As a preview of the summit, Agent Scargill will speak live today via LinkedIn. Details of the Cybersecurity “Protective Advance”: Data Connectors LinkedIn Live Briefing can be found at https://www.linkedin.com/company/dataconnectors/posts/

Cybersecurity Leaders Seek Solutions for Ra …

Press Releases Posted by Jen Greco on Jul 8, 2021

The White House’s Executive Order, “Executive Order on Improving the Nation’s Cybersecurity,” pushed in May of this year, included phrases and concepts that many cybersecurity professionals have been aware of for years. However, one of the biggest embraces from the federal order was in that of Zero Trust.

Namely, during the migration into cloud technology, the executive branch called upon federal agencies to adopt Zero Trust architecture, and tasked the Cybersecurity and Infrastructure and Security Agency with implementing and modernizing all cloud-computing environments with Zero Trust architecture.

In its definitions section, the White House described Zero Trust Architecture as:

“ … A security model, a set of system design principles, and a coordinated cybersecurity and system management strategy based on an acknowledgement that threats exist both inside and outside traditional network boundaries.  The Zero Trust security model eliminates implicit trust in any one element, node, or service and instead requires continuous verification of the operational picture via real-time information from multiple sources to determine access and other system responses.”

But as most cybersecurity professionals will tell you, Zero Trust is a highly complex concept that unifies various parts of the security infrastructure – and even a seasoned pro can find it overwhelming to take on a zero-trust architecture.

LIVE DISCUSSION: Join the Great Plains Virtual Cybersecurity Summit and submit your Zero Trust questions for our expert panel on this topic, happening on July 15 at 3:25 p.m.

One industry expert on this topic, Okta, has published a white paper explaining the ins and outs of laying the groundwork for your organization, titled “Getting Started with Zero Trust.”

According to the paper, Zero Trust was developed by Forrester Research Analyst Jon Kindervag in 2009, which did away with the notion of a trusted internal network and an untrusted external network – think, “castles and moats.” The Zero Trust model asserts three major principles:

• All resources must be accessed in a secure manner, regardless of location;
• Access control is on a need-to-know basis and is strictly enforced;
• Organizations must inspect and log all traffic to verify users are doing the right thing.

Okta, a Data Connectors Community Partner, has established the major steps necessary for getting started on Zero Trust. The foundation, they suggest, is to make identity the foundation for the architecture.

“Put simply, the core principle of Zero Trust is to ‘never trust, always verify.’ This ensures the right people have the right level of access, to the right level of resources, in the right context, and that eccess is assessed continuously – all without adding friction for the user,” according to the white paper.

To review the stages of development, refer to “Getting Started with Zero Trust,” and learn more about how Okta and other Data Connectors Community Partners suggests navigating this terrain at the Great Plains Virtual Cybersecurity Summit on July 15.

Breaking Down Zero Trust: Implementation Be …

Hot Topics in Cybersecurity Posted by Jen Greco on Jul 6, 2021