SolarWinds

January 22, 2025 | RADM (Ret.) Mark Montgomery

Unconstrained Actors

Assessing Global Cyber Threats to the Homeland

November 17, 2023 | Dr. Georgianna Shea

Charting FDA’s Course: SBOM as the North Star in Cybersecurity

Supply chain security has undergone a profound transformation after pivotal events such as the SolarWinds compromise in 2020 and the subsequent Log4j incident. Central to this evolution is the emergence...

September 5, 2023 | Dr. Georgianna Shea

Unlocking the Potential: How SBOM Practices Revolutionize Tech Industries

Following the SolarWinds compromise, the focus on the Software Bill of Materials (SBOM) has surged remarkably. In the tech ecosystem, the SBOM offers a comprehensive overview of software components...

July 27, 2023 | RADM (Ret.) Mark Montgomery, Annie Fixler

Building Partner Capabilities for Cyber Operations

May 18, 2023 | Dr. Georgianna Shea, Logan Weber

Four Steps to Mix SBOMs—Softwares’ Recipe—Into Risk Management

Software bills of materials, the ingredient lists for software, are important elements to companies’ cybersecurity strategies, but only if they use SBOMs effectively to manage risk.

March 3, 2023 | RADM (Ret.) Mark Montgomery, Samantha Ravich

We Have a New National Cybersecurity Strategy. Now What?

The new National Cybersecurity Strategy is clear and concise, laying out the case for a more robust and engaged approach to defending our national critical infrastructure from a growing list of threats...

October 28, 2022 | Ryan Tully, Logan Weber

Possible Futures for Russia’s CEEW Playbook

January 17, 2022 | Dr. Georgianna Shea

The Pentagon’s new cybersecurity model is better, but still an incremental solution to a big challenge

The Pentagon announced in November a new “strategic direction” for its Cyber Maturity Model Certification, calling it CMMC 2.0 and essentially admitting the first iteration was overly complex and...

October 29, 2021 | Trevor Logan

Russian Hackers Continue Targeting the Software Supply Chain

The Russian state-sponsored hacker group responsible for last year’s massive SolarWinds breach has continued targeting managed service providers (MSPs) in an effort to piggyback into other victim networks,...

July 22, 2021 | Thomas Joscelyn

Xi’s Broken Promises on Cybersecurity

He vowed in 2015 that his government would not support cybercrime. He never intended to honor that commitment.

June 28, 2021 | Chris Nolan, Annie Fixler

The Economic Costs of Cyber Risk

June 18, 2021 | Thomas Joscelyn

What Happened at the Biden-Putin Summit? Not Much.

The two discussed Afghanistan, cyberattacks, and more.

June 11, 2021 | Thomas Joscelyn

What to Expect From the Biden-Putin Summit

Biden wants ‘stable and predictable’ relations with Russia. Is that possible?

May 20, 2021 | Dr. Georgianna Shea, Trevor Logan

New Cybersecurity Executive Order Seeks to Improve Trust Through Verification

President Joe Biden issued a new executive order last week to raise cybersecurity requirements for federal contractors and bolster the cybersecurity of federal networks. While the executive order will better...

April 30, 2021 | Jonathan Schanzer

Biden Administration Foreign Policy Tracker: Late April

Late April Trends

April 20, 2021 | John Hardie, Matthew Zweig

Biden Administration Fires Warning Shot with New Russia Sanctions

The Biden administration announced new sanctions and other punitive actions last week in response to a wide range of malign Russian activity. The sanctions entail a modest increase in economic pressure...

April 13, 2021 | RADM (Ret.) Mark Montgomery, Annie Fixler

Biden Administration Nominates Key Cyber Personnel

President Joe Biden on Monday announced the nomination of Chris Inglis as the inaugural national cyber director (NCD), Jen Easterly as the director of the Department of Homeland Security’s (DHS’) Cybersecurity...

March 27, 2021 | RADM (Ret.) Mark Montgomery, Trevor Logan

Did China cross a new red line in cyberspace?

The Mumbai hack showed complete disregard for collateral damage.

March 11, 2021 | Trevor Logan

Microsoft and CISA Warn of Chinese State Hackers Targeting Windows Exchange Servers

Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) issued alerts last week warning that Chinese state-sponsored hackers had leveraged previously undiscovered vulnerabilities to harvest...

February 12, 2021 | Dr. Georgianna Shea

FDA Takes Important Step to Securing Medical Devices

The Food and Drug Administration (FDA) earlier this month named its first-ever acting director of medical device cybersecurity, Kevin Fu. This is an encouraging, if belated, step towards strengthening the...