A Flurry of Regulatory Action and the Need for SBOMs
Executive Order 14028 on Improving the Nation's Cybersecurity was issued in May of 2021 and provided a roadmap for a series of regulatory initiatives that government agencies (and anyone doing business with them) should prepare for. Recently we’ve seen the
Cybersecurity Nightmare = Ransomware + Software Supply Chain Attack
Recently, the Russia-based hacking group REvil attacked the Florida-based software company Kaseya Ltd. If you’re not familiar with Kaseya, they provide network and security management services for small to medium-sized businesses (SMBs), not unlike what SolarWinds offers for large businesses.
Deciphering Executive Order 14028: Improving the Nation’s Cybersecurity
An Executive Order (EO) issued by a U.S. President is usually a pretty straightforward document. Most are just two or three pages long with a handful of directives. This is definitely not the case with President Biden’s latest EO, Executive
A SolarWinds-style Attack Has Happened Before-Cybersecurity Lessons Learned
A SolarWinds-style cyberattack happened back in 2013-14 that affected big government agencies and thousands of companies. What should we have learned from the Dragonfly/HAVEX attack? Software Infiltration: A cyberattack group called Dragonfly attacked power plants and industrial sites, employing a very
Cybersecurity Tactics to Reduce ICS Software Supply Chain Risk
Supply chain attacks like the recent SolarWinds hack are now front-page news, and cybersecurity steps must be taken to reduce the risk these attacks pose to critical systems. A platform that enables end users to manage the security of their