SM Online June 2017
GRID SECURITY
For the first time in history, hackers used a cyberattack to knock out a portion of a nation’s electric grid. In Analysis of the Cyber Attack on the Ukrainian Power Grid, experts from SANS and the Electricity Information and Analysis Center explain how the hackers carried out the attack. Another report, When the Lights Went Out: A Comprehensive Review of the 2015 Attacks on Ukrainian Critical Infrastructure, this one from Booz Allen Hamilton, analyzes the same attack and suggests ways to avoid another one.
CRITICAL INFRASTRUCTURE
A new report from the Massachusetts Institute of Technology—Keeping America Safe: Toward More Secure Networks for Critical Sectors—identifies eight challenges with recommendations for increased infrastructure cybersecurity.
STEMMING RADICALIZATION
A bipartisan study group convened by the Washington Institute, a think tank dedicated to U.S. Middle East policy, recently issued a report which examines the question: Can the U.S. government build a system of intervention where individuals could be identified and redirected away from extremism before they commit an act of terror? The report, Defeating Ideologically Inspired Extremism: A Strategy to Build Strong Communities and Protect the U.S. Homeland, looks at alternatives.
AIRPORT SECURITY
In its recent report, America’s Airports: The Threat from Within, the U.S. House of Representatives’ Homeland Security Committee pulls no punches in a clear conclusion: “America’s airports and aircraft remain vulnerable to attack and exploitation by nefarious individuals.”
BORDER PROTECTION
Two government reports delve into current border security efforts and what can be learned from them as the new U.S. administration moves to build a wall between the United States and Mexico.
VIGILANCE FATIGUE
To effectively respond to alerts, security operators must pay attention for sustained periods of time without getting so tired that job performance decreases. But are vigilance and fatigue two sides of the same coin? That was the topic of a panel at the Human Factors and Ergonomics Society 2016 Annual Meeting, which published its findings in a paper.
INCENTIVES
Misaligned incentives between hackers and defenders are making companies more vulnerable to cyberattacks, according to Tilting the Playing Field: How Misaligned Incentives Work Against Cybersecurity from Intel.
HUMAN RIGHTS
The U.K. House of Commons passed a bill that expands the U.K. government’s powers to freeze human rights violators’ assets.
HOSTILE ENVIRONMENT
Hugs in the workplace may create a sexually hostile work environment under Title VII of the Civil Rights Act, a U.S. federal court of appeals ruled.
SAFETY INSPECTIONS
A global oil and gas production services provider will pay $9 million for falsifying safety inspections and violating the U.S. Clean Water Act.
CYBER SPENDING
A survey from Nuix finds that 42 percent of self-identified hackers and penetration testers consider data hygiene and information governance the least effective places to spend a security budget.