institute for critical infrastructure technology

ICIT Talking Points: “Is the OPM Data Breach the Tip of the Iceberg?” – for the House Committee on Science, Space and Technology

Throughout June 2015, the United States Office of Personnel Management failed to adequately answer inquiries from the American people, Congress, and Federal agencies, concerning the two breaches of its systems that have left the granular personal information of 22.1 million United States Citizens in the hands of an unidentified adversary.  After review of the July .. read more

Legislative Brief “Moving Forward: How Victims Can Regain Control & Mitigate Threats in the Wake of the OPM Breach”

In June 2015, the Nation learned that the personnel records of 21.5 million United States citizens had been exfiltrated by an unknown adversary from the Office of Personnel Management, one of the largest known breaches in the history of the U.S. Government.  The immediate public outcry included congressional hearings attributing the breach to OPM administrators and .. read more

Preparing the Battlefield: The Coming Espionage Culture Post OPM Breach

As part of its continued analysis of the OPM breach, ICIT’s most recent brief entitled “Preparing the Battlefield: The Coming Espionage Culture Post OPM Breach” discusses the significant impact the breach will have on America’s national security.  The large number of victims, many of whom hold security clearances, combined with the personal nature of the information stolen gives .. read more

ICIT Brief: OPM Demonstrates that Antiquated Security Practices Harm National Security

The Institute for Critical Infrastructure Technology has published its official analysis of the Office of Personnel Management breach, Handing Over the Keys to the Castle: OPM Demonstrates that Antiquated Security Practices Harm National Security.  This research brief provides insights on several of the most important aspects of the breach, some of which are not being .. read more

Securing Federal Data Post OPM: Lunch & Learn Summary + Slides

                This week the Institute for Critical Infrastructure Technology held a Lunch and Learn called “Securing Data for Today’s Federal Agency” which focused on the increasingly daunting task of protecting federal data in an age of information sharing and increased threats both inside and outside an agency.  An .. read more

NIST Issues Revisions to ICS Security Guide; ICIT launches Initiative to Support

The National Institute of Standards and Technology (NIST) issued its second revision to its Guide to Industrial Control Systems (ICS) Security, a major source of guidance for critical infrastructure sectors which own and operate computer controlled industrial equipment. Many of the changes are driven by the internet connectivity of ICS machines and devices, or “Internet of Things”, .. read more

OPM Data Breach Interview: Federal News Radio Interviews Dan Waddell, Institute for Critical Infrastructure Technology Fellow

  The OPM Data Breach that has affected millions of current and former federal employees wasn’t about acquiring bank records or credit card information. Instead, signs point to cyber espionage. Dan Waddell, ICIT Fellow and director of government affairs at (ISC)2 joined Emily Kopp on the Federal Drive to discuss the magnitude of the breach. Click HERE .. read more

Legislative Brief: “Preventative Measures- Ensuring Information Security Prior to mHealth Development”

The Institute for Critical Infrastructure Technology  issued its latest legislative briefing titled “Preventative Measures- Ensuring Information Security Prior to mHealth Development”.  The brief is an analysis of the proliferation of mobile technologies in the healthcare ecosystem, addressing the benefits mobility brings to patients and health providers as well as data privacy risks that exist if these technologies are .. read more

ICIT Speaks at U.S. Senate “Health Sector Fly-In” on Cybersecurity

          The Institute for Critical Infrastructure Technology co-hosted and spoke at the inaugural Health Sector Fly-In Tuesday June 2, 2015, which was held at the United States Senate  and sponsored by Senator Lamar Alexander (TN).  As a member of the Healthcare and Public Health (HPH), Sector Coordinating Council (SCC) and the SCC Cyber .. read more

ICIT Fellows Talk on the Convergence of Physical and Cyber Security at the British Embassy

          Members of the Institute for Critical Infrastructure Technology spoke on the convergence of physical and cyber security at the British Embassy June 2, 2015, at a meeting attended by representatives from the United States government, the British government, and critical infrastructure sectors including Energy and Finance. The event featured a presentation by Danyetta Magana .. read more

Analysis of H.R. 1560 Title I (Protecting Cyber Networks Act) and Title II (National Cybersecurity Protection Advancement Act)

The Institute for Critical Infrastructure Technology (ICIT) today issued a briefing to members of the U.S. House of Representatives, U.S. Senate, Federal Agencies and other Critical Infrastructure Sector Leaders titled “Progress as Two Steps Forward and One Step Back: Analysis of H.R. 1560 Title I and Title II (H.R. 1731).”   The briefing is a detailed .. read more

ICIT Fellows Meet with Congressmen Van Hollen and Mooney to Deliver Threat Information Sharing Brief

                ICIT met separately with Congressmen Alex Mooney (WV) and Congressmen Chris Van Hollen (MD) (respectively) to hand deliver copies of ICIT’s Threat Information sharing brief late last week. The brief was also sent to members of the Congressional Cybersecurity Caucus in anticipation of this week’s votes on .. read more

ICIT Briefs Congress on HR691 Telehealth Modernization Act of 2015

ICIT briefed members of the Rural Health Caucus on HR691  –  Telehealth Modernization Act of 2015, where Fellows provided expertise on rural health, telemedicine, and privacy issues surrounding telehealth initiatives.  ICIT Fellows advised for strong security and access management, interoperability between EHRs, patient access to data, and the securing of data pathways themselves. Click here .. read more

ICIT Fellows Brief Congressional and Senate Members on H.R.3696 Cybersecurity and Critical Infrastructure Protection Act of 2014

Week of March 2, 2015:  ICIT presented to members of the Congressional Cybersecurity Caucus and a member of Senate on H.R. 3696: Cybersecurity and Critical Infrastructure Protection Act, in order to discuss certain aspects of the bill which it believes will be included in 2015 legislation. These meetings gleaned important findings and requests for additional briefings .. read more