Tag: communications
US takes on Chinese hackers
A man alleged to be behind the recent Salt Typhoon US telecoms network and US Treasury department breaches has been sanctioned by the US Department of the Treasury’s Office of Foreign Assets Control (OFAC). Yin Kecheng “has been a cyber actor for over a decade and is affiliated with the People’s Republic of China Ministry of State Security (MSS)”, says the Treasury Office. Yin is alleged to have had direct and associated involvement in both breaches. Two key individuals in President Donald Trump’s new administration, Elon Musk, and the president’s nominee to head the Department of Homeland Security, Kristi Noem, have specifically cited the two devastating breaches as the prime examples of why the nation’s cybersecurity strategy is in pressingly urgent need of being overhauled.
Fresh Focus on Cyber-Attacks for CISA
One of the greatest challenges now facing President Trump’s new administration is to protect the US’s critical infrastructure and its economy from the rapidly growing menace of cyber-attacks. On Friday, the president’s nominee to head the Department of Homeland Security, Kristi Noem, signalled a new direction for America’s main cybersecurity agency, the Cybersecurity and Infrastructure Security Agency (CISA), which, she says, urgently needs to be realigned away from focusing on misinformation and curtailing free speech and more towards preventing cyber-attacks on critical infrastructure in the US.
Gulf of misunderstanding between CEOs and CISOs widens
There is a widening gulf of miscommunication between security teams and their boards. According to software intelligence platform, Dynatrace, 77 percent of company information security officers (CISOs) say their boards and CEOs focus too heavily on the ability to react to security incidents and not enough on reducing and preventing risk proactively. “Executive engagement has often been limited to conversations around regulatory compliance and high profile or user-centric security risks, such as phishing attacks, ransomware, or the use of mobile devices among an increasingly hybrid workforce. There is often less understanding of the material operational effects created by other, more technology-centric risks, such as gaps in the organization’s application security posture,” says Dynatrace.