The Civilian Cybersecurity Reserve: A National Guard-like program to address growing cybersecurity vulnerabilities faced by the U.S. government

The SolarWinds cyberattack, as well as other recent cyber breaches targeting the United States, has demonstrated the risks of the cyber workforce shortage.  Researchers at Cybersecurity Ventures, a trusted source for cybersecurity facts, figures, and statistics, stated there are currently 3.5 million unfilled cybersecurity jobs globally, which is enough to fill 50 NFL stadiums.  In the US alone, according to cybersecurity research groups, there are an estimated 315,000 unfilled cybersecurity positions.

As cybersecurity threats and attacks continue to grow in scale, occurrence, and complexity, it’s critical that a solution to address the deficiency is put in place.  Unfortunately, the pipeline of security talent isn’t where it needs to be to help curb the spread of the cybercrime we are facing.  Until we can rectify the quality of education and training of new cyber practitioners and pursue inclusion using STEM programs to include underrepresented groups, the problem will persist.

In fact, in the past few years there has been a zero-percent unemployment rate in cybersecurity and the opportunities in this field are vast.

To help combat this problem, lawmakers want to create a National Guard-like program to address growing cybersecurity vulnerabilities faced by the U.S. government.  This would be like a Civilian Cybersecurity Reserve and it would be voluntary and by invitation only.  This would allow our national security agencies to have access to the qualified, capable, and service-oriented American talent necessary to respond when an attack occurs.

What are your thoughts on this program?  Do you think it is a good idea and that it can help with the overall issue?  Please share your opinion.

Parent/Child Agreement Contract

Nowadays, having an online agreement or a set of rules that guides both a child and parent on online usage and expectations makes a lot of sense.  It also gives the parent and child an opportunity to talk through the components of the contract as a way to open a dialog about the importance of being in the digital world.

Once the agreement is signed, it is still important for parents to stay engaged in the child’s usage.

Below is a parent/child agreement you can use.  Feel free to add or remove items as needed.

SecurityOrb – Parent Child Online Agreement

Internet Safety Tips for Seniors and Scams to Watch Out for

According to a Pew Research Center survey, about 66% of Americans over the age of 65 are online.  They are keeping up to date with the latest news stories, staying in touch with family, getting medical information, managing appointments, renewing prescriptions, and accessing medical records.  In addition, seniors are using the Internet as a way to stay in the workforce and even launch a new career or business as well as a way to make new friends and to find romantic partners through online dating.

All of these attributes are great, but there are always dangers to be aware of from malicious individuals and fraudsters.  They use the Internet to scam unsuspecting users.  A rule of thumb is that if an offer, email, or message sounds too good to be true or just seems suspicious, it probably is.

In conjunction with the normal found here, seniors should be aware of:

  1. Personal emergency scam: Scammers email or post social media messages that appear to be from someone you know saying they are in distress, such as having their wallet stolen or having been arrested. If you get such a message, find another way to verify if it’s true, such as reaching out directly to the person. If you get such a message from a friend, there is a good chance that their account was hacked and that it’s a criminal who is out to steal your money.
  2. You owe money scam: Be wary of emails that claim you owe money. If you hear from a bill collector or a government agency about money “owed” by you or a family member, don’t respond unless you are certain it’s legitimate. It’s pretty common for scammers to send “bills” to people who don’t actually owe them money.
  3. Online dating scam: Many people have found love via dating websites, but others have been scammed out of money by online con artists. For tips on safe online dating and a list of red flags, see “Meeting new friends and romantic partners.”
  4. Infected computer scam: You might get a call from “Microsoft,” saying your computer is infected or vulnerable to hacking, with an offer to fix it for you. Hang up. Microsoft and other reputable companies never make these calls. These are criminals trying to steal your money and plant viruses on your machine. Also be suspicious of any messages in email, or that pop up on your computer, in your Web browser, or on a mobile app, warning you of a virus or a security risk. If you have reason to suspect that your device is at risk, consult a trusted expert, but never download software or apps unless you are certain they come from legitimate sources.

The bottom line is to speak out and don’t be ashamed if you do get scammed and become a victim of fraudulent activities.  Criminals are very good at what they do and there have been lots of very smart people who have been victimized online. If it happens to you, report it to a trusted person and, if appropriate, law enforcement. Even if you let your guard down, it’s not your fault if something bad happened to you.

5 Teen Internet Safety Tips

How could our teens live without their smartphones, laptops, and other devices that allow them to go online, communicate and have fun with their friends in a safe manner?  We have provided five (5) tips they should remember.

1.     Keep Your Online Identity Private

We all understand that on the Internet you never really know who is at the other end.  Therefore, a good rule is to not tell anyone your real name, address, or schedule, such as practice locations.

2.     Your Password Belongs to You … And Only You

Don’t ever give your password to anyone (except your parents). It’s just that simple because someone can post information that gets you expelled from school, in trouble with your parents,

3.     What You Post Can Live Forever

Watch what you post about yourself or others and watch what your friends post about you because you may have to live with it for a long, long time.

4.     Be a Good Digital Citizen

Watch what you write and post while online; somebody is or will be reading what you write. Also, illegally downloading music or movies and making online threats are just as illegal on the Internet as they are in the real world. You cannot hide behind a screen name and get away with it.

5.     Be Careful and Smart about Meeting Someone in Person

The FBI presents a strict warning: “Never meet anyone in person that you meet online.” That said, many teens do make good friends online. You just have to be careful and smart, and make sure other people you know and trust also know this “new” online person.

Update Greenbone Vulnerability Management Plugins on Kali (NVT, Cert Data & SCAP Data) Automatically

Once you have installed or configured the Greenbone Vulnerability Management system, it is a good idea to ensure it is kept up to date and running the latest security scripts to find the latest vulnerabilities, as well as synced to the most recent NVT, SCAP and CERT data.  The best way to do this is to create a script that syncs the necessary data for you automatically each day.

Create a script under /usr/local/bin called update-gvm

  • vi /usr/local/bin/update-gvm

Add the following contents to the file

  • #!/bin/bash
  • sudo runuser -u _gvm -- greenbone-nvt-sync
  • sudo runuser -u _gvm -- greenbone-scapdata-sync
  • sudo runuser -u _gvm -- greenbone-certdata-sync

Save the file and make it executable

  • chmod a+x /usr/local/bin/update-gvm

Run the script to make sure it works and that there are no errors

  • /usr/local/bin/update-gvm

Add the script to cron to run daily

  • crontab -e

Add the following contents

  • 1 1 * * * /usr/local/bin/update-gvm 1>/dev/null 2>/dev/null

The above cron job runs at 1 minute past 1 a.m. (01:01) every day
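Because the cron entry above sends all output to /dev/null, a failed sync goes unnoticed and scans keep running against stale feeds. The following is an added example, not part of the original post or of Greenbone's own tooling: a variant of update-gvm that logs each feed's result, keeps going when one feed fails, and refuses to overlap a run that is still in progress. The log path, lock path, the GVM_RUNNER override and the "sync" argument are assumptions made for this example.

```bash
#!/bin/bash
# Added example: hardened update-gvm. Log/lock paths and GVM_RUNNER are assumptions.
FEEDS="greenbone-nvt-sync greenbone-scapdata-sync greenbone-certdata-sync"
GVM_RUNNER="${GVM_RUNNER:-sudo runuser -u _gvm --}"   # same invocation as the page
GVM_LOG="${GVM_LOG:-/var/log/gvm/update-gvm.log}"     # assumed log location
GVM_LOCK="${GVM_LOCK:-/run/lock/update-gvm.lock}"     # assumed lock file

# Append a timestamped line to the log.
log() {
    printf '%s %s\n' "$(date '+%Y-%m-%dT%H:%M:%S%z')" "$*" >>"$GVM_LOG"
}

# Run every feed sync even if an earlier one fails.
# Returns the number of syncs that failed (0 = all feeds current).
sync_feeds() {
    failed=0
    for feed in $FEEDS; do
        if $GVM_RUNNER "$feed" >>"$GVM_LOG" 2>&1; then
            log "OK   $feed"
        else
            log "FAIL $feed (exit $?)"
            failed=$((failed + 1))
        fi
    done
    return "$failed"
}

# Take a non-blocking lock so a slow sync is never overlapped by the next run.
main() {
    exec 9>"$GVM_LOCK" || return 10
    if ! flock -n 9; then
        log "SKIP previous sync still running"
        return 11
    fi
    log "START feed sync"
    rc=0
    sync_feeds || rc=$?
    log "END feed sync, failed=$rc"
    return "$rc"
}

# Only act when called as "update-gvm sync"; otherwise just define the functions.
case "${1:-}" in
    sync) main; exit $? ;;
esac
```

With this variant the crontab entry calls /usr/local/bin/update-gvm sync, and a FAIL line in the log or a non-zero exit status marks a feed that did not update.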

SA.3.169 Community-based Threat Sharing (CMMC Level 3)

Receive and respond to cyber threat intelligence from information sharing forums and sources and communicate to stakeholders.

Source Discussion

Establish relationships with external organizations to gather cyber threat intelligence. Periodically review the sources of intelligence to ensure they are up-to-date and relevant [a]. Cyber threat intelligence from external sources should inform situational awareness activities within the organization. Relevant external threat intelligence is reviewed and communicated to stakeholders within the organization for appropriate action if needed [c].

To enhance situational awareness activities, leverage external sources for cybersecurity threat intelligence. Establish a relationship with external organizations, or periodically survey relevant sources, to ensure you are receiving up-to-date threat intelligence information pertinent to your organization.

CMMC Clarification

To enhance situational awareness activities within the organization, leverage external sources for cybersecurity threat information. Establish a relationship with external organizations, or periodically survey relevant sources, to ensure you are receiving up-to-date threat intelligence information pertinent to your organization. Examples of sources include US-CERT, various critical infrastructure sector ISACs, ICS-CERT, industry associations, vendors, and federal briefings.

Threat information is reviewed and, if applicable to your organization, communicated to the appropriate stakeholders for action.

CMMC GUIDE FURTHER DISCUSSION

Cyber threat intelligence may include:

  • attacker methodologies, tools, and tactics;
  • indicators of specific malware;
  • details of specific attacks; and
  • high-level information on changing threats [a].

Examples of cyber threat intelligence sources include:

  • Department of Homeland Security (ICS-CERT, US-CERT);
  • Information Sharing and Analysis Centers (ISACs);
  • DoD Defense Industrial Base (DIB) Collaborative Information Sharing Environment (DCISE);
  • vendors’ notifications;
  • industry groups (e.g., Internet Storm Center, Nextgov, ThreatWatch); and
  • law enforcement (e.g., FBI, InfraGard, IC3) [a].

Examples of procedures the organization may implement to effectively receive, respond to, and communicate cyber threat intelligence may include:

  • source identification,
  • monitoring frequency,
  • threat identification,
  • threat validation and analysis,
  • threat communication,
  • procedures for the identification of stakeholders,
  • stakeholder communication requirements, and
  • tools and techniques for communication [b,c].

An organization may respond to threat intelligence with actions like updating firewall rules, issuing advisories to users, or providing new indicators of compromise to incident response personnel.

This practice, SA.3.169, which ensures receiving and responding to cyber threat intelligence, is a baseline practice for the following practices: IR.2.096, RM.2.141, and RM.3.144. These practices benefit from the use of cyber threat intelligence.

Examples

You are in charge of IT operations for your company. Part of your role is to ensure you are aware of up-to-date cyber threat intelligence information so you can properly perform risk assessments and vulnerability analyses. To do this, you join a defense sector ISAC and sign up for alerts from US-CERT. You use information you receive from these external entities to update your threat profiles, vulnerability scans, and risk assessments. Also, you use these sources to gather best practices for informing your employees of potential threats and disseminate the information throughout your organization to the appropriate stakeholders.

References

CMMC
NIST CSF v1.1 ID.RA-2
NIST SP 800-53 Rev 4 PM-16