{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


linkedin facebook twitter instagram
Big cybersecurity policy changes are closer to the finish line. A Dragos deal shows the deep interest in ICS security. And Reality Winner loses another court decision. This is CyberScoop for Tuesday, Dec. 8, 2020.

House votes on defense bill chock full of cyber proposals

Today's the day the House is set to vote on what some are calling the biggest cyber legislation ever. The annual defense policy bill, which typically passes by large bipartisan margins, would create a national cyber director in the White House, give additional powers to the Department of Homeland Security's Cybersecurity and Infrastructure Agency and much more. A veto threat still looms over it, however. The Cyberspace Solarium Commission got 26 of its recommendations in the bill, but its work isn't over even if President Donald Trump backs away from his promise. Tim Starks has a rundown, and a look ahead.

A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.

A cash-flush ICS market

Maryland-based industrial security firm Dragos announced Tuesday that it had raised $110 million from the investment arms of Koch Industries, Saudi Aramco and National Grid, a landmark haul that shows that the world’s richest companies are interested in a once-obscure market. Dragos CEO Robert M. Lee said the money would be used to open offices in Australia, Dubai and the UK. Sean Lyngaas has more.

Reality Winner will stay in prison

A federal appeals court has backed a lower court's decision to keep Reality Winner in a federal prison in Texas, despite her attempts to win compassionate release due to the coronavirus pandemic. The U.S. Court of Appeals for the 11th Circuit said a district court had acted properly in rejecting a motion for release from Winner, who argued that COVID-19 lockdowns have affected her ability manage depression and an eating disorder. Winner, a former NSA contractor, was convicted of violating the Espionage Act for giving a news organization a document about Russian interference in U.S. elections. Joe Warminsky has the court documents.

Connected devices susceptible to 33 flaws

A freshly revealed group of 33 vulnerabilities could affect millions of connected products made by at least 150 major vendors, from smart fridges to devices that control a building's ventilation system. Forescout said the vulnerabilities affect a foundational connectivity component of devices around the world, open-source TCP/IP stacks. CISA is issuing a warning about the flaws, which are hard to manage since no one company is responsible for the four affected sets of open-source internet communications protocols. Tim has the research.

Using obliviousness to enhance privacy

Cloudflare heralded three privacy initiatives on Tuesday, each tackling a different yet fundamental piece of the internet. The biggest and most ready for prime time is Oblivious DNS over HTTPS, which the company developed with engineers from Apple and Fastly. The idea is to make it so no one can see both IP addresses and queries at the same time. The other two are related to password security and halting metadata leaks. Tim has this one, too.

Baltimore-area hospital gets ransomware’d

The pandemic of ransomware attacks on health care providers continues. Greater Baltimore Medical Center, a 342-bed facility, this week revealed itself to be the latest victim of digital extortionists. Some scheduled procedures were likely to be postponed, the hospital said. Sean has more.


Laying the terms for partnerships with ethical hackers

The pandemic has put a great deal of pressure on organizations to modernize quickly. With the urgency to implement digital services, and the limited budget and staff proportionate to their needs, getting support to identify weaknesses in systems and applications can help enterprises and civilian agencies mitigate security risks. A new guide outlines the terms that can facilitate these partnerships. Read more from HackerOne.

Federal agencies get guidance on trustworthy AI

Civilian federal agencies officially have guidance from the top on how to use artificial intelligence technologies in a way that protects privacy and civil rights. President Trump signed an executive order last week offering nine principles and a policy process for implementing AI. The document borrows heavily from principles already established by the defense and intelligence communities. Jackson Barnett and Dave Nyczepir break it down at FedScoop.

Tweet Of The Day


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}