ICIT CERTIFIED:  In this paper, the OT Research Team at Forescout, an ICIT Fellow Program Member, performed an exercise in vulnerability and malware research for devices commonly used in building automation system (BAS). It has been reviewed by ICIT researchers and is certified as an educational document.  ICIT encourages stakeholders to read this paper and distribute it widely to share its contents. Vulnerabilities in smart buildings are very dangerous because they open thes

On February 21, 2019, Senator Mark Warner (D-VA), the vice chair of the Senate Intelligence Committee and co-chair of the Senate Cybersecurity Caucus, sent letters to twelve healthcare organizations and four federal agencies soliciting feedback via a series of questions on the security and resiliency of the healthcare sector. In the letter, he stated: “I would like to work with you and other industry stakeholders to develop a short- and long-term strategy for reducing cybers

This publication and the abstract below was published by GAO in March 2019. ICIT strongly encourages you to visit the GAO Reports and Testimonies Library to search for additional information security resources which are freely available. Why GAO Did This Study A key component of mitigating and responding to cyber threats is having a qualified, well-trained cybersecurity workforce. The act requires OPM and federal agencies to take several actions related to cybersecurity work

ICIT CERTIFIED:  This brief from ICIT Fellow Circle Member Federal News Network offers viewpoints from USDA, Department of Energy, Booz Allen Hamilton and Mobile Iron Executives discussing mobile security and how DHS Continuous Diagnostics & Mitigation (CDM) program capabilities can secure enterprise mobile environments. It has been reviewed by ICIT researchers and is a valuable educational document the Institute encourages you to read and share among your community. With mob

Under new provisions to China’s 2017 National Cybersecurity Law (CSL), entitled “Regulations on Internet Security Supervision and Inspection by Public Security Organs,” Chinese authorities can remotely conduct penetration tests on the systems and networks of any Internet-related business with at least five internet-connected computers, operating in China [1]. International organizations in all sectors operating in China, including academia, healthcare, finance, energy, consul

This publication and Executive Summary below were published by HIMSS in February 2019. ICIT strongly encourages you to visit the HIMSS Publication Library to search for additional information security resources which are freely available. Executive Summary The 2019 HIMSS Cybersecurity Survey provides insight into the information security experiences and practices of US healthcare organizations in light of increasing cyber-attacks and compromises. Reflecting the feedback from

ICIT CERTIFIED :  This brief from ICIT Fellow Circle Member Federal News Network offers viewpoints from U.S. Air Force, Office of the Director of National Intelligence, and GITLab executives discussing how DevOps can help overcome common obstacles in IT Modernization and Agile Development efforts including interoperability challenges and poor coding. It has been reviewed by ICIT researchers and is a valuable educational document the Institute encourages you to read and share