NIST

The Cybersecurity Show Must Go On: Surpassing Security Theatre and Minimal Compliance Regulations

The United States Cybersecurity culture is heavily rooted in practices of Security Theater, where an organization that suffers a data breach can invest in countermeasures that provide a feeling or sense of security without actually improving the cybersecurity threat posture of the organization. In this publication, entitled “The Cybersecurity Show Must Go On:  Surpassing Security .. read more

ICIT Publication – Rise of the Machines: The Dyn Attack Was Just a Practice Run

As the adversarial threat landscape continues to hyper-evolve, America’s treasure troves of public and private data, IP, and critical infrastructure continues to be pilfered, annihilated, and disrupted.  The Mirai IoT botnet has inspired a renaissance in adversarial interest in DDoS botnet innovation based on the lack of fundamental security-by-design in the Internet and in IoT .. read more

NIST SP 800-160: For the Rest of Us – An ICIT Summary

NIST Special Publication 800-160: Systems Security Engineering: Consideration for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems, offers useful strategies that can raise the bar for cyber defense and can be implemented quickly to drastically minimize traditionally vulnerable attack surfaces laid siege by state sponsored APTs, hacktivists, sophisticated mercenaries and cyber jihad hackers. This condensed .. read more

ICIT Brief: Hacking Healthcare IT in 2016: Lessons the Healthcare Industry can Learn from the OPM Breach

Among all of America’s critical infrastructures, the healthcare sector is the most targeted and plagued by perpetual persistent attacks from numerous unknown malicious hackers. The goal of these threat actors is to exploit vulnerabilities in insecure and antiquated networks in order to exfiltrate patient data for financial or geopolitical gain. In order to protect patient .. read more

ICIT Senate Briefing: Hacking Hospitals

            On November 19, the Institute for Critical Infrastructure Technology conducted a briefing at the U.S. Senate entitled “Hacking Hospitals” to address the growing threats facing healthcare organizations. During this briefing, senior Senate staffers and attendees from agencies including the Departments of Veterans Affairs, State, Homeland Security, Health and Human .. read more

ICIT Hill Event: “Hacking Hospitals” Briefing @ Senate

“Hacking Hospitals”  The national surge in the number of internet enabled medical devices, electronic health record management systems, mHealth and health information sharing initiatives has increased the attack surface at healthcare organizations and contributed significantly to the increase in successful data breaches at hospitals and insurance companies over the last several years.  Given the current .. read more

Congresswomen Lee (TX) and Chu (CA) speak at “Town Hall” on Minority Representation in Cybersecurity

            As part of Cybersecurity Awareness month, the Institute for Critical Infrastructure Technology hosted a Town Hall on Minority Representation in Cybersecurity, a meeting sponsored by Congresswoman Sheila Jackson Lee (TX).  Congresswoman Lee was joined by Congresswoman Linda T. Sánchez, Chair of the Congressional Hispanic Caucus and Congresswoman and Judy Chu, .. read more

NIST Issues Revisions to ICS Security Guide; ICIT launches Initiative to Support

The National Institute of Standards and Technology (NIST) issued its second revision to its Guide to Industrial Control Systems (ICS) Security, a major source of guidance for critical infrastructure sectors which own and operate computer controlled industrial equipment. Many of the changes are driven by the internet connectivity of ICS machines and devices, or “Internet of Things”, .. read more

HP, WatchDox, Covenant Announced as ICIT Fellows

February 10, 2015 –   The Institute for Critical Infrastructure Technology (ICIT) announces the addition of HP, Watchdox, and Covenant Security Solutions as ICIT Fellows, organizations who bring highly qualified experts, technologies and solutions to support the niche advisory ICIT provides the policy community in the fields of critical infrastructure technology and cyber security. “With .. read more