January 8, 2021

Post-Riot, the Capitol Hill IT Staff Faces a Security Mess

WIRED, January 8, 2021
IN THE AFTERMATH of destructive riots that trashed the United States Capitol on Wednesday, the nation is grappling with questions about the stability and trajectory of US democracy. But inside the Capitol building itself, the congressional support staff is dealing with more immediate logistics, like cleanup and repairs. A crucial part of that: the process of securing the offices and digital systems after hundreds of people had unprecedented access to them.

December 16, 2020

SolarWinds Attack Fallout: 18K Customers at Risk, ExtraHop IDs 550 Suspicious IP Addresses

SDxCentral, December 16, 2020
As many as 18,000 SolarWinds customers installed the company’s Orion software updates containing malicious code likely inserted by Russian nation-state hackers, according to documents filed with the U.S. Securities and Exchange Commission on Monday.
The SolarWinds attack may have also hit Microsoft customers. In its SEC filing, SolarWinds said the hackers compromised its Office 365 email and office productivity accounts.

December 16, 2020

Cybersecurity employee training: How to build a solid plan

TechTarget, December 16, 2020
Cybersecurity training programs play a crucial role in keeping employees informed about the changing threat landscape and about their personal role in protecting the organization and its stakeholders. Unfortunately, these programs often suffer from a lack of attention, resulting in dull and potentially outdated content that doesn't effectively engage employees and, therefore, fails to achieve its cybersecurity objectives.

December 15, 2020

Here are the critical responses required of all businesses after SolarWinds supply-chain hack

SC Mag, December 15, 2020
The U.S. Department of Homeland Security, Treasury Department and FireEye are among the most prominent victims affected by the supply chain attack on SolarWinds network monitoring software. But these data breaches are just scratching the surface of one of the most significant foreign hacking incidents in history – one that will have long-lasting repercussions.

November 23, 2020

How to Keep Your Family Safe Online | Kelvin Coleman, Exec. Director

Faith Health & Home, November 23, 2020
On this episode, I am joined by Kelvin Coleman, Executive Director of the National Cyber Security Alliance with tips and resources to keep you and your family safe and secure online.
National Cybersecurity Awareness Month is a collaborative effort between government and industry held every October to ensure every American has the resources they need for securing our digital lives as our devices continue to become more connected.

November 23, 2020

The digital switch that blocks all websites from selling your personal data

Digital Trends, November 23, 2020
Kelvin Coleman, the executive director of the National Cyber Security Alliance (NCSA), believes GPC’s legal buffers will help it legitimize its goals, as opposed to “Do Not Track” which was “rolled out in a vacuum.”
“With CCPA and GDPR existing as legal precedents, companies are forced to navigate a minefield of compliance issues and heavy fines if they’re not careful about how they handle user data. This creates more incentive to accept GPC in the long run,” Coleman said.

November 13, 2020

APT Groups Target Firms Working on COVID-19 Vaccines

HealthcareInfoSecurity, November 13, 2020
Kelvin Coleman, executive director of the National Cyber Security Alliance, sizes up the possible motivations behind the APT attacks.
"The attacks on vaccine research aren't necessarily designed to cause harm as much they are to facilitate data theft," he notes. "If these groups were operating in a way meant to cause destruction to our healthcare infrastructures - like Sandworm did with the NotPetya attack in 2017 against banks, manufacturers and pharma companies - that'd be a different story."