National Cyber Security Awareness Month

National Cyber Security Awareness Month

October is National Cyber Security Awareness Month and it is an opportunity to engage public and private sector stakeholders – especially the general public – to create a safe, secure, and resilient cyber environment. Everyone has to play a role in cybersecurityConstantly evolving cyber threats require the engagement of the entire nation — from government and law enforcement to the private sector and most importantly, the public.

Cyberspace is woven into the fabric of our daily lives and the world is more interconnected today than ever before. We enjoy the benefits and convenience that cyberspace provides as we shop from home online, bank using our smart phones, and interact with friends from around the world through social networks. The Department of Homeland Security is committed to raising cybersecurity awareness across the nation and to working across all levels of government, the private sector, and internationally to protect against and respond to cyber incidents.

This year marks the tenth anniversary of National Cyber Security Awareness Month sponsored by the Department of Homeland Security in cooperation with the National Cyber Security Alliance and the Multi-State Information Sharing and Analysis Center.

Through a series of events and initiatives across the country, National Cyber Security Awareness Month engages public and private sector partners to raise awareness and educate Americans about cybersecurity, and increase the resiliency of the Nation and its cyber infrastructure.

This 10th anniversary, National Cyber Security Awareness Month looks ahead at the cybersecurity challenges for the next ten years, dedicating each week to a different cybersecurity issue.


Senate approves bill to end shutdown, avert possible default

Washington (CNN) — [Breaking news update at 8:35 p.m. ET Wednesday]

President Barack Obama said Wednesday night that if the House, as expected, follows the Senate in passing a deal to end the nation’s budget standoff, “I will sign it immediately. We’ll begin reopening our government immediately.”

[Previous story published at 8:18 p.m. ET Wednesday]

(CNN) — An agreement to end the partial government shutdown and avoid a possible U.S. default easily passed the U.S. Senate and headed to the House for a vote expected later Wednesday.

If approved by the Republican-led House, the legislation would go to President Barack Obama to be signed into law by the end of Thursday — the deadline for increasing the federal borrowing limit or risk the first default in American history.

Such quick congressional action on a measure announced earlier in the day was in stark contrast to the protracted brinksmanship of recent weeks that led to the shutdown now in its 16th day and brought the threat of default.

The measure represented a victory for Obama and Democrats over conservative Republicans who tried to use the shutdown and debt ceiling deadline to wring concessions on spending cuts and dismantling the Obama’s signature health care reforms.

However, the final agreement worked out by Senate leaders after House Speaker John Boehner was unable to get his own Republican caucus to support a House GOP version lacked any substantive measures sought by the political right beyond extending current spending levels until January 15.

It also raised the federal borrowing limit until February 7 and set up budget negotiations between the House and Senate intended to come up with a broader spending plan for the rest of fiscal year 2014, which ends on September 30.

Another provision requiring the government to confirm the eligibility of people receiving federal subsidies under Obamacare was labeled by Democrats and the White House as minor.

“We fought the good fight; we just didn’t win,” Boehner told a radio station in his home state of Ohio.

The Senate vote was 81-18, with more than half of the chamber’s Republicans joining Democrats in support.

Both chambers had to take special steps to get the legislation passed that quickly, raising concerns that tea party conservatives led by Sen. Ted Cruz of Texas would block or delay it in a final effort to include provisions intended to harm Obama’s signature health care reforms.

However, Cruz told reporters that he wouldn’t mount a filibuster or employ other procedural moves against the agreement.

At the same time, he criticized his Senate colleagues for what he called their failure to listen to the American people and said the fight against Obamacare would continue.

Democratic Sen. Chuck Schumer of New York blasted Cruz and the rest of the tea party wing in Congress for what he called the “reckless, irresponsible politics of brinksmanship over the last few weeks.”

“It was not America’s finest moment,” Schumer said.

National polls conducted since the start of the shutdown on October 1 indicate that while all sides are feeling the public’s anger over the partisan political impasse, Republicans are getting blamed more than Democrats or Obama.

Boehner and other House Republican leaders told their caucus they would vote for the agreement at an afternoon meeting that participants said ended with a standing ovation for the embattled Speaker.

“Blocking the bipartisan agreement reached today by the members of the Senate will not be a tactic for us,” Boehner said in a statement. “Our drive to stop the train wreck that is the president’s health care law will continue.”

News of the deal brought some relief to Wall Street as well as Washington, with pressure to resolve the impasse building with the approach of the Thursday deadline to raise the debt ceiling or face default.

Markets soar on agreement

U.S. stocks rose on the news of an agreement, with the benchmark Dow Jones Industrial Average jumping more than 200 points on the day.

Senate Majority Leader Harry Reid hailed the agreement he worked out with his GOP counterpart Mitch McConnell as “historic,” saying that “in the end, political adversaries put aside their differences.”

Obama praised Senate leaders for reaching a compromise, and urged Congress to act quickly, White House spokesman Jay Carney said.

In an expected gesture to hundreds of thousands of federal workers furloughed by the shutdown, the measure provides back pay for wages withheld.

McConnell fired an opening salvo for the budget talks expected to begin soon and continue until December when he said any ensuing spending deal should adhere to caps set in a 2011 law that included forced cuts known as sequestration.

“Preserving this law is critically important to the future of our country,” McConnell said of the Budget Control Act, which resulted from the previous debt ceiling crisis in Washington.

The focus on an agreement shifted to the Senate after House Republicans failed on Tuesday to come up with a plan their majority could support, stymied again by demands from tea party conservatives for outcomes unacceptable to Obama and Senate Democrats, as well as some fellow Republicans.

Rep. Charles Rangel compares tea party in House to ‘confederates’

Cruz, despite being in the Senate, is credited with spearheading the House Republican effort to attach amendments that would dismantle or defund the health care reforms known as Obamacare to previous proposals intended to end the shutdown.

All were rejected by the Democratic-led Senate, and Obama also pledged to veto them, meaning there was no chance they ever would have succeeded.

Republican Sen. Kelly Ayotte of New Hampshire called the House GOP tactic of tying Obamacare to the shutdown legislation “an ill-conceived strategy from the beginning, not a winning strategy.”

However, Republican Rep. Steve King of Iowa advocated continued brinksmanship to try to change Obamacare, which conservatives detest as a big-government overreach.

“If we’re not willing to take a stand now, then when will we take this stand?” he told CNN’s “New Day,” adding that if “the conservative Republican plan had been implemented five years ago, say at the inception of what is now the Obama presidency, we would have far less debt and deficit.”

Thursday marks the day the Treasury Department will run out of special accounting maneuvers to keep the nation under the legal borrowing limit. From that point on, it would have to pay the country’s incoming bills and other legal obligations with an estimated $30 billion in cash, plus whatever daily revenue comes in unless Congress acted.

Carney clarified that borrowing authority would continue through Thursday.

According to the best outside estimates, the first day the government would run short of cash without more borrowing authority was between October 22 and November 1.

The prospect of the U.S. government running out of money to pay its bills and, eventually, finding it difficult to make payments on the debt itself, had economists around the world talking about dire consequences. Mutual funds, which are not allowed to hold defaulted securities, might have to dump masses of U.S. treasuries.

Ratings agency Fitch fired a warning shot Tuesday that it may downgrade the country’s AAA credit rating to AA+ over the political brinksmanship and bickering in Washington that have brought the government to this point.

Economiss predicted dire consequences

Fitch warning shot Tuesday

That could help raise interest rates on U.S. debt, putting the country deeper into the red.

Disarray among House Republicans caused confusion on Tuesday, with Boehner having to pull a proposed agreement from the floor because conservatives found it too weak.

The House proposal dropped some provisions on Obamacare but prohibited federal subsidies to the President and his administration officials as well as federal lawmakers and their staff receiving health insurance through the Affordable Care Act programs.

It also would have forbidden the Treasury from taking what it calls extraordinary measures to prevent the federal government from defaulting as cash runs low, in effect requiring hard deadlines to extend the federal debt ceiling.

House Democrats opposed the GOP proposal, which meant it couldn’t pass without support from the 40 or so tea party conservatives, who wanted more spending cuts.

“It just kicks the can down the road another six weeks or two months,” said Rep. Joe Barton, R-Texas.

House Majority Leader Eric Cantor referred to the GOP infighting at Wednesday’s caucus meeting, telling his Republican colleagues to stop beating up on each other, according to participants. Describing Cantor as impassioned, they said he implored the caucus to avoid characterizing each other as good or bad Republicans.

The State of Security

The State of Security




It’s that time of year again – new 2013 IT Security reports – trends, breach investigations, and more on 2012 data from Verizon, Symantec, Ponemon, Mandiant, PWC (focused on Europe) – and others have been published. In the interest of those of us with short attention spans, in this post I’ll focus on Verizon’s 2013 Data Breach Investigations Report™ (DBIR).

There are five “Quick Wins” (in SANS 20 Critical Security Controls (CSC) parlance) that CISOs/CIOs and their teams might want to take today, helping you to avoid being a participant in the 2014 IT Security reports.

Quick Win #1 – Address Credentials, Admin Privileges, and Password Hygiene

Here’s some context:

Pair this trifecta of credential fail with the fact that 78% of the methods attackers used were low and very low levels of sophistication and it just makes sense that this could be one of the most fruitful places to shore up. Stated bluntly, you have to strictly and unyieldingly enforce strong credentials, supportive IT processes, and educate around it.  And, it applies to literally everyone – employees, partners, and IT personnel.

Quick Win #2 – Protect Key Assets

OK – so this is truly obvious, and sadly not much different from prior DBIR data. And of course, no ‘one size fits all’ for hardening your unique environment.

Skipping the ATM stat, the investigation trends showed that ‘data at rest’ was most at risk, not ‘data in motion.’

Over two thirds (66%) of exfiltrated data was in databases and file servers – and BTW commonly accessed through legitimate (but misused) credentials. Every environment will have its solutions to these problems, and they will evolve.

Quick Win #3 – Prepare Against the Most Common Attack Types

Physical – Businesses that use POS or ATM devices will  need to read the report to address the ATM skimming devices or POS ethics fail by workers who succumb to criminal influence.

When USBs or other external hardware is involved, just know that 41% of the “Physical” category of attack methods involved malicious code that auto-runs upon insertion/attach. Prepare against this common, low sophistication attack method by setting all your system configurations for

1)     Auto anti-malware scanning on all external media upon insert

2)     Disable auto-run content for USB and other external hardware

Malware – The “Assured Penetration Technique” is a combination of phishing-malware-entrenchment. Email delivery of multi-function malware was the most prevalent, and upon delivery of the payload – quiet, ongoing, often difficult-to-detect breach activity.

Note that in the figure below,  spy/keylogging malware was used 75% of the time if email scanning and safeguards were overcome. Here, strong system configuration management, file integrity monitoring, and frequent scanning help immensely with early detection.

Hacking – Over 52% of all breaches were accomplished by hacking. Notice below that only five methods account for 94% of hacks.  The DBIR said it best: “…the easiest and least-detectable way to gain unauthorized access is to leverage someone’s (or something’s) authorized access. Why reinvent the wheel? So it really comes as no surprise that authentication-based attacks (guessing, cracking, or reusing valid credentials) factored into about four of every five breaches involving hacking in our 2012 dataset.” Again, with the recommendation to harden credentials.

 Quick Win #4 – Detect and Contain Breaches Early

Detecting a breach in your organization requires essential technology, processes, and personnel in order to assure early detection and containment. It’s one of the most elemental purposes for having an IT Security group – ultimately it’s about protecting the organization.

It took months to years for over two thirds of breached organizations to figure it out. Imagine burglars having that period of time to roam about in your home unnoticed.

And, in about one third of the cases, it took attackers seconds to minutes before they’d both breached and exfiltrated data.

So that’s like someone getting into your home and finding/removing valuables while you’re in the kitchen getting a sandwich, only worse.

Quick Win #5 – Choose and Begin Implementing a Security Framework

The DBIR recommends implementation of the SANS 20 Critical Security Controls (CSC). However, since there is no ‘one size fits all’ solution, your organization may need to be more aligned with NIST SP 800-53 or even ISO 27002 guidelines. Choose one and start. What I like about the SANS 20 CSC:

▪   Collaboratively developed with wide participation, and continues to be updated for evolving conditions.

▪   Broadly applicable regardless of organization size, industry, public/private, security posture maturity level, budget, or most likely threat weakness.

▪   Offers high-level control categories, implementation priority, and sub-controls.

▪   Prioritized and organized sub-controls according to process maturity categories (Quick-Win, Visibility/Awareness, Control/Hygiene, and Advanced)

▪   Implementation diagrams and testing guidance is provided, and actual step order to follow.

▪   Automation procedures and tool suggestions are provided.

▪   Specific and detailed document references to NIST Special Publications (800-53), and associated NSA Manageable Network Plan Milestones and Network Security Tasks.

In Summary

All this said, and with the goal in mind of not being part of anyone’s breach or threat report for 2014, these final thoughts may be the most protective and preventative against the low sophistication attack vectors:

▪   Given that 76% of intrusions and the top five hacking methods all leveraged weak/misused credentials; it just seems natural to focus on credentials first.

▪   Next, assure you address ‘unauthorized’ hardware, and email phishing since these are two of the most common methods to deliver malware payload.

Finally, if you haven’t adopted a security framework, at least familiarize yourself with the SANS 20 CSC

Cyber Planner

Cyber Planner

Information technology and high-speed Internet are great enablers of small business success, but with the benefits comes the need to guard against growing cyber threats. As larger companies take steps to secure their systems, less secure small businesses are easier targets for cyber criminals. In October 2012, the FCC re-launched Small Biz Cyber Planner 2.0, an online resource to help small businesses create customized cybersecurity plans. Use this tool to create and save a custom cyber security plan for your company, choosing from a menu of expert advice to address your specific business needs and concerns.

Cyberattack threatens most businesses, Deloitte survey says


Cyberattack threatens most businesses, Deloitte survey says

By Hamish Barwick, Computerworld Australia Feb 18, 2013 10:05 AM

Many enterprises around the world think they are prepared for cyber attacks but the reality is that any organization is at risk of a security breach, consulting firm Deloitte warns.

Deloitte released the results from its sixth annual global Cyber Security Survey which was conducted with 121 technology, media, and telecommunications companies. Fifteen percent of the participants were from the Asia Pacific region.

The survey found that 88 percent of executives who took part did not see their company as vulnerable. In addition, 60 percent of participants rated their ability to respond to newly developed threats as either average or high.

According to Deloitte technology risk leader Dean Kingsley, this attitude needed to change as most passwords can be cracked in five hours.

“Businesses need to assume a breach will happen and prepare accordingly by shifting from pure prevention to detection and response planning,” he said in a statement.

“The goal is to create a resilient organisation that can bounce back quickly from attacks.”

Third-party breaches a top threat
Despite the confident attitudes expressed by executives, the survey results also found that 59 percent of participants had experienced a security breach in 2012 while 78 percent cited breaches at third parties as one of their top three threats.

“Companies need to move beyond pure contractual arrangements with their suppliers and other third parties, such as government agencies, and be more willing to co-operate in order to reduce weak links,” Kingsley said.

According to the survey, only 30 per cent of respondents believed that the third party organisations they work with are taking enough responsibility for cyber security.

BYOD a big risk

Mobile and bring your own device (BYOD) were also cited as challenges to IT security teams with 74 percent of executives ranking it as their second biggest risk. (See also “7 Tips for Establishing a Successful BYOD Policy.”)

However, only 52 percent said they have specific BYOD policies in place and 10 percent did not address mobile security risks at all.

Hacktivisim a concern

According to Deloitte Australia national security and resilience lead Tommy Viljoen, hacktivisim was referred to in the survey for the first time with 63 per cent rating it as a “major concern.”

“This vulnerability to hacktivism reflects that cyberattacks can now come from anywhere, and be prompted by perceived controversial business practices and decisions, often highlighted through social media,” he said.


“Recognizing the threat of hacktivisim, organisations are starting to gather intelligence relating to it and other types of cybercrime incidents.”

Over 50 percent of executives stated that they collect general information about hacktivism while 40 percent collect information about attacks specifically targeting their organisation, industry, brand or customers.

Information Technology /Online Training


Online / Cybersecurity Training

The TEEX/NERRTC Cyber Security online courses are designed to ensure that the privacy, reliability, and integrity of the information systems that power our global economy remain intact and secure. These DHS/FEMA-certified courses are offered through three discipline-specific tracks targeting general, non-technical computer users, technical IT professionals, and business managers and professionals.

Benefits of eLearning Courses

Study at Your Own Pace

Earn Continuing Education Credits

Print Certificates Online

Awareness Level Courses (Online)

AWR-111-W Basic EMS Concepts for WMD Incidents

AWR-160-W WMD/Terrorism Awareness for Emergency First Responders

Select the course below to begin your training

Non-Technical / General User Technical / IT Professional Managers and Business Professionals
AWR-175-W Information Security for Everyone
AWR-173-W Information Security Basics
AWR-176-W Business Information Continuity
AWR-174-W Cyber Ethics
AWR-178-W Secure Software and Network Assurance AWR-177-W Information Risk Management
AWR-168-W Cyber Law and White Collar Crime
AWR-138-W Network Assurance
AWR-169-W Cyber Incident Analysis and Report
AWR-139-W Digital Forensics Basics

Click Here To Begin Your Training

Awareness Level Courses (Jurisdiction)

AWR-136 Essentials of Community Cyber Security

Performance Level Courses (Jurisdiction)

Management and Planning Level Courses (Jurisdiction)

MGT-384 The EOC’s Role in Community Cyber Security

MGT-385 Community Cyber Security Exercise Planning

Monitoring & Analyzing the Social Intelligence Environment (SIE) in Support of Law Enforcement & Intelligence Operations

Introduction to TACTrend Social Media Monitoring

The rise of Apple iOS and Android mobile and tablet technologies, coupled with the immense growth of social networking websites, means a wealth of publicly available internet data is being created each and every day. With this information out there and readily available, Law Enforcement (LE) and intelligence experts created a plan to design a solution that could actively monitor and analyze this data which could provide them foresight into proactively fighting crime and terrorism.

Our world is on the verge of the fifth and most intense technological revolution which will move beyond mere “information” and become “hybrid” as it combines with a host of other technology areas. “Social Networking” is having a profound global effect on human culture and the way people communicate, collaborate, and interact. As a result, social media websites can also provide a forum for criminals and terrorists to connect and collaborate. This social spectrum within the internet is referred to as the “Social Intelligence Environment” (SIE). As criminals and terrorists continue to evolve technologically, our LE and intelligence agencies had to also adapt to these same technologies in order to maintain a tactical and strategic advantage.

As a result, TACTrend was invented and developed by former LE and special operations personnel. It has evolved over the past two years, and is being used by Federal, State, and local LE agencies. Built on open standard software technologies and the ability to be integrated easily with other legacy computer applications, it is both affordable and effortless to use.

TACTrend stands for “Tactical Social Trending” and is now the leading social network monitoring and analytics solution. It is delivered as a secure, web-based application through cloud technology. Legally approved by Federal government counsel, it augments a full range of LE operations including “Predictive and Intelligent Policing.”

DOWNLOAD WHITE PAPER > Tactical-Trending-White-Paper