The Institute for Critical Infrastructure Technology (ICIT) describes itself as a “nonprofit (status pending), non-partisan group of the world’s most innovative experts and companies that provide technologies and solutions to support and protect our nation’s critical infrastructures.” ICIT serves as a go-between for the private sector, federal agencies, and the legislative community in key areas such as Cybersecurity, Big Data, and Health IT. It is in the scope of Cybersecurity that ICIT performed a recent analysis on the OPM (Office of Personnel Management) Breach which began in March 2014 and was publicly announced in June of 2015.
This official analysis, “Handing Over the Keys to the Castle: OPM Demonstrates that Antiquated Security Practices Harm National Security,” details the most important aspects of the breach. Some of these aspects have not been discussed in the mainstream media including:
- The connection between the VAE, Anthem and OPM breaches
- The legitimacy and confidence we can put in claims attributing the breach to Dark Panda or another Chinese state sponsored group
- Detailed cybersecurity recommendations which would have prevented the outcomes of the attack including analysis around User Behavior Analytics, Governance, Centralized IT Models, Standardization of IT Best Practices, and Continuous Monitoring and Risk Assessment
- The impact of the breach of victims, actions they should be taking, and how their risk level changes based on who is ultimately determined to be the perpetrator of the attack (nation state vs. organized crime syndicate)
For the full article click here
from cyber security caucus http://ift.tt/1jZqWP9
via IFTTT
No comments:
Post a Comment