If cybersecurity or risk management are on your radar (and since you're reading this post, I imagine they are), you've probably heard some of the latest on government efforts to insulate critical infrastructure networks from determined targeted threats.
President Obama has called for Congress to pass comprehensive cybersecurity legislation to make it easier for the government to share threat information with critical infrastructure companies - and vice versa.
As the President tells it, just as Americans understand the need to physically secure nuclear plants, test water for contamination, and secure cockpit doors, so must we ensure the security of our "digital backdoor."
We at Mandiant know all too well about the damage determined, targeted attackers can do - especially if they're able to sustain a presence over months or even years.The risks are serious, for the public sector as well as the private.
But with the Senate's failure to pass cybersecurity legislation again this summer, the legislative way forward is anything but clear. As election season nears, the likelihood of seeing new cybersecurity legislation in 2012 becomes more remote. During the month of August, M-Unition will be exploring how business and government can and must work together to address looming threats from targeted attackers determined to exploit our weaknesses.
We have some great posts planned, and I recommend keeping an eye out for these especially:
- A blog series on Applying Mandiant Solutions to Address Federal Mandates by Tim Gifford & John Bradshaw
- The next installment in Richard Bejtlich's Attacker Profile series
- The "Hikit" Rootkit - a blog series on Advanced and Persistent Attack Techniques by Christopher Glyer & Ryan Kazanciyan
- Our M-Unition Podcast Series, in which Lucas Zaichkowsky discusses the latest version of RedlineTM