At a glance.
- TikTok Global plans may not be enough to avert a ban.
- China's own entity list.
- University of Chicago's Harris School works to assist election authorities secure the vote.
- NSA issues telework guidelines.
- US Federal agencies see automation as improving cybersecurity.
- FERC on electrical utility security best practices.
- US sanctions Iranian nuclear scientists.
Spinning out TikTok Global may not allay US security concerns.
ByteDance’s arrangement to retain a majority, controlling stake in TikTok Global, with most of the remaining shares going, first, to Oracle, and second, to Walmart, may not pass muster with the US Government. According to the New York Times, the Administration has suggested that it wants ByteDance out of the picture as far as control is concerned, and that the large chunk of ByteDance shares owned by American investors won’t cut it: It’s not enough to allay concerns about Chinese control of the social platform.
China threatens to blacklist US companies.
Should either or both the US bans on TikTok and WeChat eventually go through, Beijing has signaled that US companies are in for some rough treatment of their own. The Washington Post reports that Saturday China’s Commerce Ministry announced plans for adding some companies to its “unreliable entities list.” While the Ministry didn’t specify exactly who would make the list, Chinese state media have for some time been calling for retaliatory bans on Apple and Google. However, the Wall Street Journal says that there is disagreement among Chinese leaders regarding when to strike, some saying they should delay implementing sanctions until after the US presidential election.
University think tank focuses on improving election security.
Sources tell the Washington Post that a CIA assessment completed at the end of August concluded that high-level Russian leaders, including President Putin, were directly involved in attempts to influence the US Presidential election. The Post reports that President Putin, while interested in disruption and fissure generally, is seeking to “denigrate” former Vice-President Biden.
A think tank run out of the University of Chicago’s Harris School of Public Policy has set its sights on bolstering election security. The Election Cyber Surge program pairs cybersecurity experts with local election officials, reports StateScoop. By volunteering their expertise, cybersecurity professionals can work with voting administrators to pinpoint and defend against vulnerabilities in voter registration technology that could be in danger of being hacked by foreign parties. “Here’s people who need help and people who can help. Let’s put them together,” summarized former Department of Homeland Security official Maya Worman, who leads the program.
NSA releases guidelines for telework practices.
In light of the current need for many National Security Agency (NSA) employees to work remotely due to the COVID-19 pandemic, the agency has just released two cybersecurity info sheets detailing protocols for secure work-from-home practices, says SecurityWeek. Aimed at Department of Defense workers, the info sheets provide advice on how to identify and alleviate potential breaches to their networks and department-issued equipment while teleworking.
Automation improves cybersecurity efficiency.
Industry experts say the key to enhancing cybersecurity without overwhelming resources could be automation, reports FedTech. Relying on automation tools that use machine learning and artificial intelligence to prevent and identify breaches frees up valuable manpower and reduces costs. Indeed, IBM stated in its annual Cost of a Data Breach Report that on average, organizations that do not utilize automation spend well over 3.5 million dollars more per breach than organizations that do. Federal entities like the Department of Defense and the military have been pioneering the implementation of automation, and the Air Force Network recently issued a transaction agreement to utilize a new intelligent decision automation platform.
Electric companies amp up cyberstrategy.
Security Week summarizes a report by the Federal Energy Regulatory Commission and North American Electricity Reliability Corporation that details electric utility cybersecurity best practices. Filling well-defined roles with well-trained employees who are cleared to act quickly constitutes the best frontline defense. Baselining and decision trees are the next level of protection. When responding to an incident, organizations need to understand how all the moving parts fit together, and how certain solutions could trigger other risks or exhaust resources. Following an event, protocols should be updated to reflect what was learned.
Iranian scientists associated with Tehran's nuclear program sanctioned by US.
The Department of Commerce announced the addition of five Iranian scientists cooperating with Tehran’s nuclearization program to the Entity List, a list of parties involved in undertakings contrary to US security or foreign policy that face additional export, re-export, and transfer licensing regulations and limitations. “Iran’s nuclear escalation adds to destabilization in the region,” Secretary of Commerce Wilbur Ross explained.