Category: Agency News

DHS Awards $1.5M to Small Business for First Responder Emergency Alerts Technology Development

Agency News, Health & Social Care, Industry News, Transport sector
As emergency communications technologies adapt to an increasingly interconnected nation, the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) today announced it awarded more than $1.5 million to develop an Alerts, Warnings, and Notifications (AWN) Guidance Tool. The program planning app, which will be available through a portal at FEMA's website, is expected to provide customized resources, best practices and program templates to address the most pressing challenges of alert originators, helping public safety agencies at the federal, state, local, tribal and territorial levels disseminate emergency and life-saving information.
“From the devastating wildfires on the West Coast to the very active Atlantic/Caribbean 2020 hurricane season to the ongoing COVID-19 public health emergency, there is a growing need to push actionable information out quickly to the public in order to save lives,” said Antwane Johnson, director of FEMA’s Integrated Public Alert & Warning System (IPAWS) office.
S&T awarded $1,542,113 through its Long-Range Broad Agency Announcement (LRBAA) program to Corner Alliance, Inc., a small business consulting firm based in Washington, D.C. and Boulder, CO. The research and development of this tool is a continuation of S&T’s partnership with FEMA in creating the IPAWS Program Planning Toolkit, aimed at assisting public safety agencies in minimizing alerting delays; planning for future alerts, warnings and notifications enhancements; facilitating interoperability across different technologies; and improving information sharing among emergency management and public safety officials.
“First responders rely on information to make life saving decisions, often with very little time to spare,” noted William Bryan, DHS Senior Official Performing the Duties of the Under Secretary for Science and Technology. “This tool will help public safety agencies respond quickly and decisively during emergencies or catastrophic events, and that allows the greater homeland security enterprise to be more prepared and resilient.”
The documents in the IPAWS Program Planning Toolkit were produced based on recent innovative changes to technology and derived from the collection of successful practices and lessons learned from hundreds of data points from stakeholders, including emergency managers, public information officers, alerting originators and administrators, and alerting experts.
“FEMA and DHS S&T plan to expand the toolkit into an online, user-friendly format that will allow stakeholders to download and print pre-filled planning documents with their information,” said DHS S&T Program Manager Norman Speicher. “Through this development, our team will continue utilizing a stakeholder validation process.”
To learn more about the LRBAA program, please visit https://www.dhs.gov/science-and-technology/st-lrbaa.
Leave a comment , ,

CISA Launches Campaign to Reduce Risk of Ransomeware

Agency News, Cyber Security CII sector, Industry News
The Cybersecurity and Infrastructure Security Agency (CISA) announced the Reduce the Risk of Ransomware Campaign today, a focused, coordinated and sustained effort to encourage public and private sector organizations to implement best practices, tools and resources that can help them mitigate this cybersecurity risk and threat.
Ransomware is increasingly threatening both public and private networks, causing data loss, privacy concerns, and costing billions of dollars a year. These incidents can severely impact business processes and leave organizations without the data they need to operate and deliver mission-critical services. Malicious actors have adjusted their ransomware tactics over time to include pressuring victims for payment by threatening to release stolen data if they refuse to pay and publicly naming and shaming victims as secondary forms of extortion.
“CISA is committed to working with organization at all levels to protect their networks from the threat of ransomware,” said Brandon Wales, Director (Acting) of CISA. “This includes working collaboratively with our public and private sector partners to understand, develop and share timely information about the varied and disruptive ransomware threats. Anyone can be the victim of ransomware, and so everyone should take steps to protect their systems.”
In this campaign, which will have a particular focus on supporting COVID-19 response organizations and K-12 educational institutions, CISA is working to raise awareness about the importance of combating ransomware as part of an organization’s cybersecurity and data protection best practices. Over the next several months, CISA will use its social media platforms to iterate key behaviors or actions with resource links that can help technical and non-technical partners combat ransomware attacks.
CISA established a new one-stop resource at cisa.gov/ransomware. On this page, interested partners will find four categories of ransomware resources:
- Alerts and Statements: Official CISA updates to help stakeholders guard against the ever-evolving ransomware threat environment. These alerts are geared toward system administrators and other technical staff to bolster their organization’s security posture.
- Guides and Services: Tips and best practices for home users, organizations, and technical staff to guard against the growing ransomware threat.
- Fact Sheets and Infographics: Easy-to-use, straightforward information to help organizations and individuals better understand the threats from and the consequences of a ransomware attack.
- Trainings and Webinars: This information provides technical and non-technical audiences, including managers, business leaders, and technical specialists with an organizational perspective and strategic overview.
Many of the resources on this webpage were developed in collaboration with industry and interagency partners, such as:
- CISA and Multi-State Information Sharing and Analysis Center (MS-ISAC) Joint Ransomware Guide;
- CISA, Federal Bureau of Investigation (FBI), and Department of Health and Human Services (HHS) Joint Cybersecurity Advisory on Ransomware Activity Targeting the Healthcare and Public Health Sector;
- CISA, FBI, DHS Homeland Security Investigations, and U.S. Secret Service recorded video discussion on Trends and Predictions in Ransomware from the 2020 CISA National Cybersecurity Summit.
- CISA Fact Sheet on Cyber Threats to K-12 Remote Learning Education for non-technical educational professionals with contributions from the FBI.
Leave a comment , ,

Securing Cloud Services for Health: New report by EU Agency for Cybersecurity helps healthcare organisations securely adopt cloud services and prepare for cybersecurity challenges

Agency News, Cyber Security CII sector, Industry News
The European Union Agency for Cybersecurity (ENISA) published the Cloud Security for Healthcare Services report, which provides cybersecurity guidelines for healthcare organisations to help further digitalise with cloud services. Building on ENISA’s procurement guidelines for cybersecurity in hospitals, published early last year, this new report assesses the cybersecurity risks of cloud services and offers good practices for their secure integration into the European healthcare sector. The ENISA report comes as the European Commission is moving forward this year with the European Health Data Space initiative to promote the safe exchange of patients’ data and access to health data.
The COVID-19 pandemic has underlined an increased need for efficient – and secure – digital healthcare services. Cloud solutions allow for the flexible and rapid deployment of the electronic storage of data and electronic communications such as telemedicine. However, the complexity of legal systems and new technologies, as well as concerns over the security of sensitive patient data have slowed the healthcare sector in adopting cloud services.
EU Agency for Cybersecurity Executive Director Juhan Lepassaar said: “A resilient health sector relies on secure digital solutions. The EU Agency for Cybersecurity provides healthcare organisations with guidance to address cybersecurity concerns related to cloud services and is preparing an EU Cloud Cybersecurity Certification scheme, both of which aim to do just that.”
The report addresses these concerns by providing security guidelines for three main areas in which cloud services are used by the healthcare sector, namely for:
Electronic Health Record (EHR), i.e. systems focusing on the collection, storage, management and transmission of health data, such as patient information and medical exam results;
Remote Care, i.e. the subset of telemedicine supporting remote patient-doctor consultation;
Medical Devices, i.e. cloud services supporting the operation of medical devices such as making medical device data available to different stakeholders or for device monitoring.
For each of these use cases, the report highlights the main factors to be considered when healthcare organisations conduct the relevant risk assessment – for example, in terms of risk to sensitive patient data or availability of a medical service. These guidelines, however, are only a first step for healthcare providers to adapt securely to the cloud. More support is needed, such as established industry standards on cloud security, specific direction from national and EU authorities, and further guidelines from Data Protection Authorities on transferring healthcare data to the cloud.
The report also proposes a set of security measures for healthcare organisations to implement when planning their move to cloud services, such as establishing processes for incident management, defining data encryption requirements, and ensuring data portability and interoperability. The measures are proposed taking into consideration the draft candidate EU Cybersecurity Certification Scheme on Cloud Services (EUCS) to ensure compatibility and requirements mapping. The Agency’s draft scheme is part of the larger cybersecurity certification framework aimed at enhancing trust in ICT products, services and processes across Europe. The draft scheme is open for public consultation until 7 February 2021.
The EU Agency for Cybersecurity will continue its work to strengthen the cybersecurity of Europe’s healthcare sector by publishing guidelines, promoting information sharing, collaborating with policy-makers and organising events such as the annual eHealth Conference, addressing the healthcare sector’s major cybersecurity challenges.
Leave a comment , , ,

ENISA and eu-LISA – Cooperation for a More Digitally Resilient Europe

Agency News, Cyber Security CII sector, Industry News
Within the priorities of the Portuguese Presidency of the Council of the European Union and the current Recovery Plan for Europe put forward by the European Commission, the words “digital” and “resilience” are prominent and at times used together. When combined they bring to mind IT-related challenges that need to be addressed to ensure a stronger and safer Europe for its citizens. One of the primary concerns is cybersecurity; and, given that this is a topic of common interest to the European Union Agency for Cybersecurity (ENISA) and the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA), it gives the two Agencies further impetus to work together to face this growing threat.
Earlier today Executive Directors Juhan Lepassaar (ENISA) and Krum Garkov (eu-LISA) signed a multiannual Cooperation Plan. The plan sets out activities that will provide benefits through joint actions to the Agencies themselves and to the EU Member States.
The three-year Cooperation Plan complements the existing regulations applicable to ENISA and eu-LISA, and lays out various actions within complimentary areas that the Agencies can draw benefits from by sharing knowledge, information and expertise. Information Security, Business Continuity, Research, Data Protection and Corporate Quality Management are among the priority areas identified for collaboration.
ENISA Executive Director Juhan Lepassaar said: “Securing our digital future is facilitated by sharing knowledge and expertise. This Cooperation Plan will allow our Agencies to find solutions together.”
"With cybersecurity and digital resilience high on the European agenda for the coming years, it seems fitting to take the opportunity to strengthen our cooperation with ENISA and to boost our common contributions to the goals set for Europe's digital future. There are many areas where our respective consolidated expertise can be put to good use. The EU Cybersecurity Strategy, adopted by the Commission in December, is one of these and the fast changing landscape of cyber threats including the ensuing need to secure common cyber spaces are examples of where we can mutually assist each other. This renewed agreement is the best way to kick-off 2021 and eu-LISA is looking forward to extending its relationship with ENISA." said Krum Garkov, Executive Director of eu-LISA.
It is in the common interest of both Agencies to promote and share activities with their stakeholders and the general public in order to provide increased visibility and further improve awareness of their respective responsibilities and joint successes. For this reason, the Cooperation Plan includes core activity related plans, as well as communication and information sharing as important areas for joint actions.
Leave a comment , , ,

NSA releases “Eliminating Obsolete Transport Layer Security (TLS) Protocol Configurations” Cybersecurity Information

Agency News, Cyber Security CII sector, Industry News
The National Security Agency released a cybersecurity product Tuesday detailing how to detect and fix out-of-date encryption protocol implementations. Networks and systems that use deprecated forms of Transport Layer Security (TLS) or Secure Sockets Layer (SSL) for traffic sessions are at risk of sensitive data exposure and decryption.
The Cybersecurity Information Sheet, “Eliminating Obsolete Transport Layer Security (TLS) Protocol Configurations” instructs National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) system administrators on how to detect, prioritize, and replace unauthorized or deprecated TLS protocols with ones that meet current standards. Committee on National Security Systems (CNSS) Policy 15 requires that TLS protocols used by National Security Systems meet specified algorithm standards. Remediation is crucial to decreasing computer system and network attack surfaces and preventing unauthorized access to private data.
To help system administrators fix their network components, NSA developed several server configurations and network signatures to accompany the report that are available on the NSA Cybersecurity Github. While this information is provided to assist NSA's mission customers, any network administrator interested in finding and fixing their network components to allow only authorized and strong encryption protocol configurations may find it useful.
NSA seeks to regularly release unique, actionable, and timely cybersecurity guidance to secure the Department of Defense, National Security Systems, and the Defense Industrial Base. For more information or other cybersecurity products, visit NSA.gov/cybersecurity-guidance.
Leave a comment ,

FAA Should Examine a Range of Options to Support U.S. Launch Infrastructure

Agency News, Industry News, Space Sector
Demand for commercial space launches is expected to increase. Twelve launch sites in The US held operator licenses in Aug. 2020, and 11 more were seeking licenses from the Federal Aviation Administration.
Congress asked the FAA to recommend ways to facilitate and promote investments in space transportation infrastructure. The FAA told the GAO that its response would focus on 2 existing FAA grant programs.
Launch providers support the deployment of people and payloads, such as national security and commercial satellites or research probes, into space. The majority of these providers told GAO that U.S. space transportation infrastructure—located at sites across the country—is generally sufficient for them to meet their customers' current requirements. This situation is in part a result of the launch providers' investments in launch sites, along with state and local funding. Launch providers and site operators alike seek future improvements but differ on the type and location of infrastructure required. Some launch providers said that infrastructure improvements would be required to increase launch capacity at existing busy launch sites, while a few site operators said that new infrastructure and additional launch sites would help expand the nation's overall launch capacity.
The Federal Aviation Administration (FAA) was directed by statute to make recommendations to Congress on how to facilitate and promote greater investments in space transportation infrastructure, among other things. However, FAA's initial draft report was limited because it focused only on two existing FAA programs, rather than a range of options. FAA officials stated that they did not examine other options because of limited time and resources, and that the two identified programs could be implemented quickly because FAA has administrative authority to manage them. Leading practices in infrastructure investment emphasize the importance of conducting an examination of potential approaches, which can help identify how best to support national interests; avoid overlap or duplication of federal effort; and enhance, not substitute, participation by non-federal stakeholders. An examination may also help identify alternatives to making funding available, such as increasing efficiency and capacity through technology improvements. By focusing only on these existing programs, FAA may overlook other options that better meet federal policy goals and maximize the effect of any federal investment. Although FAA has already prepared its initial report to respond to the statute, it still has opportunities, such as during subsequent mandated updates, to report separately on potential approaches.
Demand for commercial space launches is anticipated to increase in the coming years. FAA, the agency responsible for overseeing the sites where these launches occur, was directed by statute to submit a report—and update it every 2 years until December 2024—that makes recommendations on how to facilitate and promote greater investments in space transportation infrastructure.
Leave a comment , , ,

US Partnering with Cyprus on a Training Centre for Port and Border Security, known as CYCLOPS

Agency News, Cyber Security CII sector, Industry News

This $5 million training facility donated by the United States will be owned and operated by the Republic of Cyprus and will allow international partners to train in a dedicated facility with cutting edge equipment. Here, experts from the region will receive state of the art instruction in border security, customs and export controls, port and maritime security, and cybersecurity.

A mobile cyber security training laboratory will allow regional partners to learn best practices to secure their critical infrastructure and engage in cross-border cyber investigations. These training platforms will serve as a hub that works in close association with partner countries in the Mediterranean, the Middle East, and elsewhere.

The CYCLOPS center is just one important result of continuing American engagement in the Eastern Mediterranean region and of the strong relationship between the United States and the Republic of Cyprus. We look forward to continuing our security partnership with the Republic of Cyprus and the region in the coming years.

Leave a comment , ,

CISA Updates Emergency Directive 21-01 Supplemental Guidance and Activity Alert on SolarWinds Orion Compromise

Agency News, Cyber Security CII sector, Industry News
CISA has released Emergency Directive (ED) 21-01 Supplemental Guidance version 3: Mitigate SolarWinds Orion Code Compromise, providing guidance that supersedes Required Action 4 of ED 21-01 and Supplemental Guidance versions 1 and 2.
- Federal agencies without evidence of adversary follow-on activity on their networks that accept the risk of running SolarWinds Orion in their enterprises should rebuild or upgrade, in compliance with hardening steps outlined in the Supplemental Guidance, to at least SolarWinds Orion Platform version 2020.2.1 HF2. The National Security Agency (NSA) examined this version and verified it eliminates the previously identified malicious code. This version also includes updates to fix un-related vulnerabilities, including vulnerabilities that SolarWinds has publicly disclosed.
- Federal agencies with evidence of follow-on threat actor activity on their networks should keep their affected versions disconnected, conduct forensic analysis, and consult with CISA before rebuilding or reimaging affected platforms and host operating systems.
The updated supplemental guidance also includes forensic analysis and reporting requirements.
CISA has also updated AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations, originally released December 17, 2020. This update includes new information on initial access vectors, updated mitigation recommendations, and new indicators of compromise (IOCs).
Although the Emergency Directive only applies to Federal Civilian Executive Branch agencies, CISA encourages state and local governments, critical infrastructure entities, and other private sector organizations to review CISA Emergency Directive 21-01 - Supplemental Guidance v.3 for recommendations on operating the SolarWinds Orion Platform. Review the following resources for additional information on the SolarWinds Orion compromise.
Leave a comment ,

CISA Releases ICT Supply Chain Risk Management Task Force Year 2 Report

Agency News, Cyber Security CII sector, Industry News, Transport sector
The Cybersecurity and Infrastructure Security Agency (CISA) and government and industry members of the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force released an annual report on its progress to advance meaningful partnerships and analysis around supply chain security and resilience.
The ICT SCRM Task Force Year 2 Report builds upon previous work completed in year one of the ICT SCRM Task Force. It showcases the collective ongoing efforts of four working within the Task Force to address challenges to information sharing, threat analysis, qualified bidder and qualified manufacturer lists, and vendor assurance. It also reflects a new working group, Working Group 5, which recently released an analysis report on the impacts of the COVID-19 pandemic on ICT supply chains.
Developed through the expertise and contributions of government and industry, the ICT SCRM Task Force Year 2 Report addresses the lifecycle of supply chain risk management, including how stakeholders identify and understand risk, communicate about and work together to address risk, grow their structural operations for addressing risks, and improve their understanding and self-assessment of their risk posture.
“Government can’t act in a silo,” said Bob Kolasky, CISA Assistant Director and ICT SCRM Task Force Co-Chair. “We must work in partnership with public and private industry. The Task Force has and will continue to serve as a model of excellence in helping to improve the Nation’s collective ability to assess and mitigate threats to the ICT supply chain.”
“As we were reminded this week, supply chain security is a matter of urgency and consequence, and the best way to increase our defenses is through substantial coordination and cooperation between government and industry,” said Robert Mayer, Senior Vice President of Cybersecurity and Innovation at USTelecom and ICT SCRM Task Force Co-Chair. “That is the mission of our task force. Through this partnership with DHS and more than a dozen agencies, the Information Technology and Communications sectors has tackled tough issues like information sharing, threat assessment, qualified bidders and manufacturer lists, and security issues presented by the pandemic. This is a partnership that will expand in 2021 and further strengthen the security and resiliency of our supply chain.”
“For the past two years, the Information Technology and Communications sectors have worked hand-in-glove with CISA and other federal government partners to establish the Task Force as the preeminent public-private partnership tackling the critical issue of global ICT supply chain security,” said John Miller, Senior Vice President of Policy and Senior Counsel at Information Technology Industry Council (ITI) and ICT SCRM Task Force Co-Chair. “The Year 2 Report represents a significant milestone, delivering actionable recommendations to help public and private sector organizations better assess and manage supply chain risks, including by creating tools to address supply chain threat information sharing, threat analysis, and vendor assurance and trust. The Task Force looks forward to working with our federal partners in 2021 and beyond to operationalize the policy recommendations in this report to better manage today’s all-too-real supply chain threats and to develop future work products that will address other dimensions of this important national security issue.”
The Task Force plans to release working group reports described in the Year 2 Report in the coming weeks. Members will continue to explore means for building partnerships with international partners, new sectors, and stakeholders who can help grow the applicability and utilization of Task Force products.
Leave a comment , , ,

Cybersecurity in the Maritime Sector: ENISA Releases New Guidelines for Navigating Cyber Risk

Agency News, Cyber Security CII sector, Industry News
The European Union Agency for Cybersecurity provides port operators with a set of good practices to help them identify and evaluate cyber risks, and effectively identify suitable security measures.
The European Union Agency for Cybersecurity (ENISA) released cybersecurity guidelines to help European port operators manage cyber risks amid digital transformation and increased regulations. ENISA’s new Guidelines - Cyber Risk Management for Ports was drafted in collaboration with several ports in EU Member States. The publication builds on ENISA’s 2019 Port Cybersecurity Report by providing actionable practices that speak to the current cybersecurity threats and changing digital landscape faced by Europe’s maritime sector.
EU Agency for Cybersecurity Executive Director Juhan Lepassaar stated: “The maritime sector plays a pivotal role in the global supply chain. Advancing digital technologies bring economic benefits to ports, but also introduce new cyber threats. The report provides guidelines and good practices to support them in effectively conducting this cyber risk assessment, which is where many of these operators face challenges.”
The interconnected nature of ports requires operators to achieve and maintain a baseline level of cybersecurity to ensure security across the port ecosystem. The report notes that the EU maritime sector has a fragmented approach to assessing cyber risks.
The report encourages port operators to develop a set of good practices in a means to develop this baseline level of cybersecurity. Practices include to:
- Identify cyber-related assets and services in a systematic way that includes maintaining an asset inventory, identifying dependencies and deploying automation;
- Adopt a comprehensive approach for identifying and evaluating cyber risks that includes CTI, risk indicators and business impact analysis, involves all relevant stakeholders and is integrated at an organisational level;
- Prioritise the implementation of security measures following a risk-based approach that considers security measure effectiveness and pertinence to the identified risks, and is founded in a security-by-design approach;
- Implement organisation-wide cybersecurity awareness and technical training programmes;
- Develop a comprehensive cybersecurity programme that involves a commitment by senior management;
- Conduct a cybersecurity maturity self-assessment to identify priorities for improvement, and budget and resource allocation.
Background
The NIS Directive classifies several categories of port operators as Operators of Essential Services (OES), including port authorities and terminal operators. Cyber risk assessments are among the NIS Directive requirements for these OES. The International Maritime Organisation’s (IMO) International Ship and Port Facility Security (ISPS) code concerns port facilities / terminal operators and provides a framework for conducting security risk assessment, albeit not necessarily specific to cyber risks. The ISPS code is implemented in the EU by Regulation 725/2004; while EU Directive 2005/65 on enhancing port security introduces similar requirements and extends them to ports.
The EU Agency for Cybersecurity supports cybersecurity in Europe’s maritime sector by providing recommendations, supporting the development of regulations, facilitating information exchange and organising awareness-raising events. In 2019, the Agency published its Port Cybersecurity Report with a set of cybersecurity good practices for the maritime sector, and organised two maritime security workshops with the European Maritime Safety Agency (EMSA).
The Agency is currently developing an online tool for cyber risk management for port operators, and will continue its work with EU bodies, such as the EMSA, and Member States to strengthen cybersecurity for the sector.
Leave a comment , , ,
1 28 29 30 31 32 37