U.S. Federal Cybersecurity Today Computer security regulations have come a long way from their early beginnings.  Even before the Federal Information Security Management Act (FISMA), there was the Computer Security Act of 1987 (CSA). The Computer Security Act was enacted by the 100th United States Congress in response to a lack of computer security protection measures, and a strong need for internal computer security governance for U.S. Federal agencies. Although the U.S. Federal Government relied…

In October, the Federal Energy Regulatory Commission (FERC) released its “2020 Staff Report Lessons Learned from Commission-Led CIP Reliability Audits.” The report summarizes the Commission’s observations from Critical Infrastructure Protection (CIP) audits performed in conjunction with staff from Regional Entities and the North American Electric Reliability Corporation (NERC). It is intended to inform both the community that’s subject to the CIP reliability standards and the public of lessons learned from audits performed in 2020. In…

This is the busiest time of the year for developers targeting AWS. Just over a week ago we announced the GA of Docker Compose for AWS, and this week we’re getting ready to virtually attend AWS re:Invent. re:Invent is the annual gathering of the entire AWS community and ecosystem to learn what’s new, get the latest tips and tricks, and connect with peers from around the world. Instead of the traditional week-long gathering of 60,000…

The events of 2020 have marked a crossroads in cybersecurity. As the global pandemic became a catalyst for digital transformation across organizations of all sizes, so too did cyberattacks continue to rise exponentially. Under the cover of COVID-19, bad actors have taken advantage of a more digitally distributed workforce to wreak havoc on industries everywhere. From bored teenagers operating out of their bedrooms to organized gangs and their global networks, it’s predicted that cybercriminals will…

Cybercriminals can use stolen information for extortion, scams and phishing schemes, and the direct theft of money, says Kaspersky. Image: wildpixel, Getty Images/iStockphoto Cybercriminals who capture your personal information often do one of two things with it. They’ll either use it themselves to directly hack your accounts, or they’ll sell it on the Dark Web. And once your personal data is up for sale, buyers can use it for financial gain or for doxing, a…

We are happy to share that we will be presenting at Tech Field Day 22 with an exciting hot new topic: Optimized DRaaS with VMware Cloud Disaster Recovery.   Tech Field Day is a series of invite-only technical meetings between delegates invited from around the world and sponsoring enterprise IT companies that share their products and ideas through presentations, demos, roundtables, and more. And at Tech Field Day 22, VMware experts will talk about our…

Experts found a critical flaw in Real-Time Automation’s (RTA) 499ES EtherNet/IP stack that could allow hacking industrial control systems. Tracked as CVE-2020-25159, the flaw is rated 9.8 out of 10 in severity by the industry-standard Common Vulnerability Scoring System (CVSS) and impacts all versions of EtherNet/IP Adapter Source Code Stack prior to 2.28, which was released on November 21, 2012. Security researchers from security company Claroty have discovered a critical flaw in Real-Time Automation’s (RTA) 499ES EtherNet/IP (ENIP)…